Provided by: pyca_20031119-0.1ubuntu1_all bug

NAME
       pyca - CA written in python


DESCRIPTION
       The  scripts  in this suite are basically wrappers around openssl(1). Additionally the scripts integrates
       the generic CA-functionality with the mail-system and apache for handling certificate requests; with LDAP
       for handling distributing certificates and revocation lists; and cron for maintenance tasks.


PROGRAMMES
       pickle-cnf.py
              Create  a  pickled  copy the OpenSSL configuration object for faster reading of the configuration.
              The pickle-file name is the name of the OpenSSL configuration file plus .pickle.

       ca-make.py
              Generate a CA hierarchy, all necessary files and  directories  and  all  initial  CRLs  (see  also
              signedby  extension  in  OpenSSL  configuration  file). This is intended to be run under user root
              since it sets the ownership and permissions.

       ca-certreq-mail.py
              Handles the mail dialogue after certificate request. The SPKAC certificate request and  LDIF  data
              is  moved  from the directory pend_reqs_dir to new_reqs_dir. Set this script in your /etc/aliases,
              procmailrc or similar to receive mails for the address specified in caCertReqMailAdr.

       ca-cycle-pub.py
              This script is typically run by the CA admin user  via  CRON  or  a  similar  task  manager  on  a
              networked system holding the public certificate data. It does several jobs:

              * Publish new certificates and inform user via e-mail where to download his certificate

              * Remove stale certificate requests from pend_reqs_dir.

              *   Spool  certificate requests and certificate revocation requests to the system holding the CA's
              private keys. (not implemented yet)

              *  Spool certificates and certificate revocation lists from the system holding  the  CA's  private
              keys. (not implemented yet)

       ca-cycle-priv.py
              This  script  is  run  on  the system where the private keys of the CA are stored. It does several
              jobs:

              * Mark expired certificates in OpenSSL certificate database

              * Generate new CRLs, move old CRLs to archive (not implemented yet)

              * Process certificate requests and certificate revocation requests (not implemented yet)

              * Spool certificate database, issued certificates and CRLs to public  WWW  and  LDAP  server  (not
              implemented yet)


SEE ALSO
       pyca(1)

       The programs are documented fully by the HTML documents in /usr/share/doc/pyca/htdocs/


COPYRIGHT
       Copyright © 2001 - 2003 Michael Stroeder <michael@stroeder.com>

       This software including all modules is Open Source and given away under: GPL (GNU GENERAL PUBLIC LICENSE)
       Version 2.

       The author refuses to give any warranty of any kind.


AUTHOR
       Michael Stroeder <michael@stroeder.com>

       This manual page was written by Lars Bahner <bahner@debian.org>, for the Debian GNU/Linux system (but may
       be used by others).

                                                  june 30, 2002                                          pyca(8)