NAME
App::CamelPKI::Controller::CA - Camel-PKI Certiciate Authority controller.
DESCRIPTION
This controller provides the CA-wide actions that are independent of any given certificate template.
Actions with name ending by _pem don't use App::CamelPKI::View::JSON, but rather transmit directly their data in text/plain; this enables operation with very basic clients (e.g. 'wget'). Most of these text/plain actions do not require a client certificate and are publicly accessible.
- certificate_pem
-
Returns the AC certicate, in PEM format.
Note: the Content-Type is
text/plain, and notapplication/pkix-cert(as mentioned in RFC2585), because it would seem that the latter is intended for DER format. - certificate_chain_pem
-
Returns a list of certificates in PEM format concatenated together. The first of these certificates is the same that "certicate_pem"; the whole list constitues a valid certification chain in the sense of RFC3280 section 6.
- gen_crl
-
Immediately generates a new CRL, and returns it in PEM format.
Note: the Content-Type is
text/plain, and notapplication/pkix-cert(as mentioned in RFC2585), because it would seem that the latter is intended for DER format. - current_crl
-
Returns the last CRL issued by "gen_crl", unless it is set to expire shortly, in which case a new CRL is generated, stored and returned.
- examine_crl
-
Sends the right template in order to consult the CRL.
- download_crl
-
Sends back in a text file in DER format the CRL.
- list_issued_certificates
-
Gets the list of Certificates wich are currently issued and not revoked yet.
- list_revoked_certificates
-
Gets the list of Certificates wich are currently revoked.