cacert-sysadm AT lists.cacert.org
Subject: CAcert System Admins discussion list
List archive
- From: "Milliken, Scott Alan" <scott.milliken AT Vanderbilt.Edu>
- To: Philipp Guehring <philipp AT cacert.org>, "cacert-sysadm AT lists.cacert.org" <cacert-sysadm AT lists.cacert.org>
- Subject: RE: Fwd: CACert API
- Date: Thu, 1 Oct 2009 14:41:09 -0500
- Accept-language: en-US
- Acceptlanguage: en-US
Phillipp,
Thanks for the quick response - the API listing doesn't mention a
field for the OU, which you are allowed to enter when using the web interface
for creating a personal certificate. Is this simply undocumented or is it
not implemented?
Thanks,
Scott Milliken
RHCE
IDCP Certified Data Center Facilities Manager
Vanderbilt University ITS
Data Center Manager, Change Manager
1231 18th Avenue South
Nashville, TN 37212
(615) 343-5843 direct
(615) 322-2954 24x7 Network Operations Center
-----Original Message-----
From: Philipp Guehring
[mailto:philipp AT cacert.org]
Sent: Thursday, October 01, 2009 2:32 PM
To:
cacert-sysadm AT lists.cacert.org;
Milliken, Scott Alan
Subject: Re: Fwd: CACert API
Hi,
>> Hi, we have an Organizational Account in place with CACert for
>> Vanderbilt University and are exploring the widespread deployment of
>> email certificates for our userbase, consisting of up to 45,000 users
>> in any given academic year. These certs would be issued on demand
>> (as the users claimed them, if they so choose to) so an API is
>> definitely what we’re looking for. The Wiki page
>> http://wiki.cacert.org/CertApi does mention an API, but does not
>> include the parameters to include the organizational information
>> unique to Organizational Accounts. Is this a secondary API that
>> could be made under trivial efforts? Also, is there any ability to
>> have the API utilize certificate validation rather than
>> username/password validation?
>>
As far as I remember, the API automatically recognizes the Organisation
from the Domain that is used in the certificates. So if you want to
issue a certificate for
scott.milliken AT Vanderbilt.Edu,
it recognizes the
Vanderbilt.Edu and adds the appropriate Organisational details to it.
(Like in the webinterface too)
If there are any details missing, please contact me.
The API can be used with either personal client certificates (use
secure.cacert.org instead of www.cacert.org then) or username/password
(with www.cacert.org).
The only limitation at the moment is that we can't limit the certificate
to a specific organisation. The certificate is currently bound to your
personal account, like in the webinterface. If you need additional
restrictions there, please tell us your needs.
Best regards,
Philipp Gühring
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
- Fwd: CACert API, Nick Bebout, 10/01/2009
- Re: Fwd: CACert API, Philipp Guehring, 10/01/2009
- RE: Fwd: CACert API, Milliken, Scott Alan, 10/01/2009
- Re: Fwd: CACert API, Philipp Guehring, 10/01/2009
Archive powered by MHonArc 2.6.16.