read more at:
-[Fedora Project Page](https://fedorahosted.org/certmaster/)
+[Original Fedora Project Page](https://fedorahosted.org/certmaster/)
-[Fedora Repo](http://git.fedorahosted.org/git/?p=certmaster.git;a=summary)
+[Original Fedora Repo](http://git.fedorahosted.org/git/?p=certmaster.git;a=summary)
---
## About this fork
+_certmaster -- it hands out SSL certs from multiple CAs !!!_
+
### Multiple CA support
This certmaster fork introduces a new '--ca' argument for specifying an alternative certificate authority.
-This allows one certmaste instance to supply certs from multiple authorities instead of having to have a
-separate certmaster instance for each certificate authority might be using.
+This allows one certmaster instance to supply certs from multiple authorities instead of having a separate certmaster
+instance for each certificate authority you are using.
-If you don't want to use multiple CA's, this fork should act just like the parent certmaster project - you
-should be able to upgrade your existing certmaster to this version, and it will continue to server your existing certs
+If you don't want to use multiple CA's, this fork should act just like the parent certmaster project from Fedora - you
+should be able to upgrade your existing certmaster to this version, and it will continue to server your existing certs.
-If you want to add an additional certificate authorities, add a section to your certmaster.conf file as per below
+If you want to add additional certificate authorities, include a section to your certmaster.conf file as per below
for each CA, using a different name and set of directories for each CA.
[ca:name]
Then include the argument '--ca=name' in your certmaster-request commands to request a cert from the 'name' CA.
-If the '--ca' argument is not given in the certmaster-ca or certmaster-request commands, then the original
-autosign, cadir, cert_dir, certroot, and csrroot options from the main section of certmaster.conf / minion.conf are used instead.
+If the '--ca' argument is not given, then the default CA, as defined by the autosign, cadir, cert_dir, certroot,
+and csrroot options from the main section of certmaster.conf or minion.conf is used.
+
+### Functional Tests
+
+This fork introduces some functional tests using the [shUnit2 framework](https://code.google.com/p/shunit2/wiki/ProjectInfo).
+
+**NOTE THESE TESTS ARE DESTRUCTIVE SO DON'T RUN THEM ON YOUR LIVE CERTMASTER HOST**
+
+The tests overwrite the /etc/certmaster/certmaster.conf and /etc/certmaster/minion.conf files, and delete the cert data directories,
+so only run these tests on a test server / VM / docker image, not on your live production certmaster instance.
### Misc Changes
+ 'certmaster-ca --version' reads /etc/certmaste/version instead of func's version file
+ certmaster-sync doesn't error out if func if not present
++ switched README to README.md
projects / certmaster.git / blobdiff