From: Jude N Date: Sat, 28 Mar 2015 14:59:53 +0000 (-0400) Subject: Mention tests in the README.md X-Git-Tag: v0.29~4 X-Git-Url: https://pwan.org/git/?p=certmaster.git;a=commitdiff_plain;h=beeeed85ec30ca652f95ba8f2c6b4202db905433 Mention tests in the README.md --- diff --git a/README.md b/README.md index 1844960..912bce9 100644 --- a/README.md +++ b/README.md @@ -2,25 +2,27 @@ _certmaster -- it hands out SSL certs!_ read more at: -[Fedora Project Page](https://fedorahosted.org/certmaster/) +[Original Fedora Project Page](https://fedorahosted.org/certmaster/) -[Fedora Repo](http://git.fedorahosted.org/git/?p=certmaster.git;a=summary) +[Original Fedora Repo](http://git.fedorahosted.org/git/?p=certmaster.git;a=summary) --- ## About this fork +_certmaster -- it hands out SSL certs from multiple CAs !!!_ + ### Multiple CA support This certmaster fork introduces a new '--ca' argument for specifying an alternative certificate authority. -This allows one certmaste instance to supply certs from multiple authorities instead of having to have a -separate certmaster instance for each certificate authority might be using. +This allows one certmaster instance to supply certs from multiple authorities instead of having a separate certmaster +instance for each certificate authority you are using. -If you don't want to use multiple CA's, this fork should act just like the parent certmaster project - you -should be able to upgrade your existing certmaster to this version, and it will continue to server your existing certs +If you don't want to use multiple CA's, this fork should act just like the parent certmaster project from Fedora - you +should be able to upgrade your existing certmaster to this version, and it will continue to server your existing certs. -If you want to add an additional certificate authorities, add a section to your certmaster.conf file as per below +If you want to add additional certificate authorities, include a section to your certmaster.conf file as per below for each CA, using a different name and set of directories for each CA. [ca:name] @@ -39,10 +41,20 @@ Likewise, when requesting certs from the new CA, include a section of the follow Then include the argument '--ca=name' in your certmaster-request commands to request a cert from the 'name' CA. -If the '--ca' argument is not given in the certmaster-ca or certmaster-request commands, then the original -autosign, cadir, cert_dir, certroot, and csrroot options from the main section of certmaster.conf / minion.conf are used instead. +If the '--ca' argument is not given, then the default CA, as defined by the autosign, cadir, cert_dir, certroot, +and csrroot options from the main section of certmaster.conf or minion.conf is used. + +### Functional Tests + +This fork introduces some functional tests using the [shUnit2 framework](https://code.google.com/p/shunit2/wiki/ProjectInfo). + +**NOTE THESE TESTS ARE DESTRUCTIVE SO DON'T RUN THEM ON YOUR LIVE CERTMASTER HOST** + +The tests overwrite the /etc/certmaster/certmaster.conf and /etc/certmaster/minion.conf files, and delete the cert data directories, +so only run these tests on a test server / VM / docker image, not on your live production certmaster instance. ### Misc Changes + 'certmaster-ca --version' reads /etc/certmaste/version instead of func's version file + certmaster-sync doesn't error out if func if not present ++ switched README to README.md