Cagen

This is the CA generator plugin for nuci, which will be used as part of the easy OpenVPN configuration.

It allows to:

• Create a CA
• Let it generate certificates (possibly in a single step, possibly in the background)
• Drop the whole CA
• Get status of the certificates and their paths
• Download the certificates and keys

If you want to run a test, this input works. It:

• Creates a CA
• Gets the status
• Gets some certs
• Drops the CA

<?xml version="1.0" encoding="UTF-8"?>
<hello xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
  <capabilities>
    <capability>urn:ietf:params:netconf:base:1.0</capability>
  </capabilities>
</hello>
]]>]]><?xml version="1.0" encoding="UTF-8"?>
<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="1">
 <generate xmlns="http://www.nic.cz/ns/router/ca-gen">
   <ca>
     <name>testCA</name>
     <new/>
     <dhparams/>
     <cert>
       <name>cl1</name>
       <type>client</type>
     </cert>
   </ca>
 </generate>
</rpc>
]]>]]><?xml version="1.0" encoding="UTF-8"?>
<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="1">
  <get>
    <filter type='subtree'><cas xmlns='http://www.nic.cz/ns/router/ca-gen'/></filter>
  </get>
</rpc>
]]>]]>
<?xml version="1.0" encoding="UTF-8"?>
<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="1">
 <download xmlns="http://www.nic.cz/ns/router/ca-gen">
   <ca>
     <name>testCA</name>
     <dhparams/>
     <crl/>
     <cert>
       <serial>01</serial>
       <key/>
     </cert>
   </ca>
 </download>
</rpc>
]]>]]><?xml version="1.0" encoding="UTF-8"?>
<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="1">
 <delete-ca xmlns="http://www.nic.cz/ns/router/ca-gen">
   <ca>testCA</ca>
 </delete-ca>
</rpc>
]]>]]><?xml version="1.0" encoding="UTF-8"?>
<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="1">
  <get>
    <filter type='subtree'><cas xmlns='http://www.nic.cz/ns/router/ca-gen'/></filter>
  </get>
</rpc>
]]>]]>

This is related to #11 (closed).