Use env variable PYCALIB to set name of the directory containing the modules.
Patches contributed by .
If exception getopt.error is raised in command-line programs the string representation of the exception instance is displayed as error message.
VBScript-related fixes contributed by .
Fixed MIME types sent for M$ IE in cgi-bin/get-cert.py (application/pkix-cert, see RFC 2585).
cgi-bin/get-cert.py can be called with path info "extension" specifying the output format (.der, .pem, .b64).
URLs pointing to get-cert.py have suffix .crt or .crl for defining a pseudo "file type". This triggers certificate/CRL handling in older versions of M$ IE which do not properly use the MIME-type for determining the file type.
Massive modifications to default configuration file shipped with package. The default configuration uses a domainComponent root naming now.
Fixed bug concerning validity interval checking when issuing sub CA certificates in ca-make.py.
Make use of parameter caAdminMailAdr in ca-certreq-mail.py for forming From: address if CA certificate does not contain Email attribute in subject DN.
Fixed case-handling of userCertificate atttibute in certs2ldap.py. The currently used attriute type name is determined and also used in displayed status messages.
bin/certs2ldap.py: now handles multi-valued userCertificate atttibutes correctly, can delete revoked or expired certificates, can add new LDAP entries.
No LDIF file created by client-enroll.py anymore.
If anyone messed up the ownership and permission of CA certificate and key file it's restored at the beginning of ca-make.py while still running as root.
Removed input of parameter userpassword in cgi-bin/client-enroll.py since it was never used. Well, the lack of a user administration concept shows here...
Text for confirmation e-mail was altered to avoid the message being caught by spam filters looking for string "ignore this" in message body.
Correctly evaluate form field browsertype in cgi-bin/client-enroll.py.
Applied patch to module vbs contributed by Reiner Keller for fixing compability issues with M$ IE 6.x.
Since most people did not configure the CA cert extensions properly some weird settings were removed.
Removed german umlauts from all Python and HTML sources.
Applied fix to VBScript found in MS Knowledge Base article Q323172. This requires a patch from Microsoft to be installed.
Release 0.6.5 (2000-07-30)
Bug fixes
New script bin/ldap2certs for downloading certs for stunnel and build relay_clientcerts file for Postfix/TLS.
bin/certs2ldap.py now deletes revoked and expired certs from LDAP server
cgi-bin/ns-revoke.py works now if web server has write access to OpenSSL index.txt (not recommended)
Release 0.6.4 (2000-07-07)
Small bug fixes and cosmetic changes
Release 0.6.3 (1999-12-27)
Added parameter --nocrls to bin/ca2ldif.py
Displays SHA-1 fingerprints in view-cert.py and print-cacerts.py now (mainly for users of M$ IE)
Release 0.6.2 (1999-11-23)
new program view-cert.py for displaying certificates
ca-revoke.py can issue new CRL immediately
Improved support M$ IE (VBScript code for choosing cryptographic provider by Michael Konietzka <[email protected]>)
Handling of missing or wrong parameter input in client-enroll.py is much more user-friendly.
Input field for browser type (to avoid problems with users coming through proxies).
Got rid of scripts in sbin/ importing pycacnf.py by using parameters --config and --pycalib.
This might require some changes to an installation (provide parameter in mail aliases, CRON jobs etc.)
ca-cycle-priv.py can be forced to issue CRLs with parameter --issuecrls
Release 0.6.1 (1999-10-12)
Switched back to own parsing of cert datetime since time.strptime() relys on glibc where strptime is broken!
Made certs2ldap.py a little bit more defensive.
Release 0.6.0 (1999-10-10)
Dropped support for configuration parameter caCertFormat!
Support for M$ Internet Explorer (VBScript-Code inspired by contributions of contributed by Jordi Floriach <[email protected]>)
ns-enroll.py is obsoleted by the more general client-enroll.py
Complete rewrite of certs2ldap.py, the script for uploading e-mail certificates to a LDAP repository.
Release 0.5.5 (1999-09-02)
Many bugfixes!
generate really unique IDs for cert requests
complete rewrite of ca2ldif.py
Small enhancements in user interface of CGI-BINs.
Release 0.5.4 (1999-07-17)
Minor bugfixes
Small enhancements in user interface of CGI-BINs
Restrictive ownership/permissions setting of files/directories in ca-make.py
Some small handy scripts for doing boring copying of CA certs
Release 0.5.3 (1999-06-19)
upgrade to OpenSSL 0.9.3a necessary
Many bugfixes and small enhancements
some changes to configuration (might be incompatible to previous versions!!!)
Many improvements and fixes to ca-make.py:
flexible usage of files containing X.509v3 extensions for CA certs
Implemented setting the permissions of various files/dirs.
Better performance by reading configuration from pre-compiled (pickled) conf file
Release 0.5.1 (1999-06-10)
upgrade to Python 1.5.2 necessary
some bugfixes and code cleaning
better documentation
some changes to configuration (might be incompatible to 0.4.5!!!)
allow defining the request form depending on specific certificate type
configuration of preferred certificate format
automatic publishing of certificates with informing user by e-mail
Release 0.4.5 (1999-05-23)
some minor bugfixes
some rudimental documentation
cgi-bin/browser-check.py for testing cryptographic features of browsers
usage of ca-fix executable to fix CA certs during ca-make.py
usage of DER certs possible to speed up downloading
abandoned get-crl.py, get-cert.py does this either
Release 0.4.4 (1999-05-18)
Don't remember...
Page last modified: Monday, 17-Nov-2003 10:38:26 CET, sponsored by
stroeder.com - Information Technology, IT-Security, Identity Management, System Integration