Add systemd service, support dynamic configuration
This commit provides examples for both CRL and openssl index.txt based configurations. README.md is added to the generated Debian packages. A systemd service unit file has been added. The configuration file can now be specified using the -configFile command line flag.main 0.1.0
parent
4cd384b69c
commit
c5c8150883
@ -0,0 +1,11 @@
|
||||
[Unit]
|
||||
Description=CAcert OCSP responder service
|
||||
After=network.target
|
||||
|
||||
[Service]
|
||||
ExecCondition=/bin/sh -c 'test -f /etc/goocsp-config.yaml'
|
||||
ExecStart=/usr/bin/cacert-goocsp -serverAddr ":80" -configFile /etc/goocsp-config.yaml
|
||||
StateDirectory=goocsp
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
@ -0,0 +1,13 @@
|
||||
# example configuration for an OCSP responder using CRL files
|
||||
---
|
||||
issuers:
|
||||
- caCertificate: root/ca.pem
|
||||
responderCertificate: root-resp.crt.pem
|
||||
responderKey: root-resp.key.pem
|
||||
dbType: crl
|
||||
dbFile: root/revoked.crl
|
||||
- caCertificate: sub1/ca.pem
|
||||
responderCertificate: sub1-resp.crt.pem
|
||||
responderKey: sub1-resp.key.pem
|
||||
dbType: crl
|
||||
dbFile: sub1/revoked.crl
|
@ -0,0 +1,13 @@
|
||||
# example configuration for an OCSP responder using openssl index.txt database files
|
||||
---
|
||||
issuers:
|
||||
- caCertificate: root/ca.pem
|
||||
responderCertificate: root-resp.crt.pem
|
||||
responderKey: root-resp.key.pem
|
||||
dbType: openssl
|
||||
dbFile: root/index.txt
|
||||
- caCertificate: sub1/ca.pem
|
||||
responderCertificate: sub1-resp.crt.pem
|
||||
responderKey: sub1-resp.key.pem
|
||||
dbType: openssl
|
||||
dbFile: sub1/index.txt
|
Loading…
Reference in New Issue