github.com/hellobchain/third_party@v0.0.0-20230331131523-deb0478a2e52/cloudflare/cfssl/certdb/README.md

github.com/hellobchain/third_party@v0.0.0-20230331131523-deb0478a2e52/cloudflare/cfssl/certdb/README.md (about)

     1  # certdb usage
     2  
     3  Using a database enables additional functionality for existing commands when a
     4  db config is provided:
     5  
     6   - `sign` and `gencert` add a certificate to the certdb after signing it
     7   - `serve` enables database functionality for the sign and revoke endpoints
     8  
     9  A database is required for the following:
    10  
    11   - `revoke` marks certificates revoked in the database with an optional reason
    12   - `ocsprefresh` refreshes the table of cached OCSP responses
    13   - `ocspdump` outputs cached OCSP responses in a concatenated base64-encoded format
    14  
    15  ## Setup/Migration
    16  
    17  This directory stores [goose](https://bitbucket.org/liamstask/goose/) db migration scripts for various DB backends.
    18  Currently supported:
    19   - MySQL in mysql
    20   - PostgreSQL in pg
    21   - SQLite in sqlite
    22  
    23  ### Get goose
    24  
    25      go get bitbucket.org/liamstask/goose/cmd/goose
    26  
    27  ### Use goose to start and terminate a MySQL DB
    28  To start a MySQL using goose:
    29  
    30      goose -path $GOPATH/src/github.com/cloudflare/cfssl/certdb/mysql up
    31  
    32  To tear down a MySQL DB using goose
    33  
    34      goose -path $GOPATH/src/github.com/cloudflare/cfssl/certdb/mysql down
    35  
    36  Note: the administration of MySQL DB is not included. We assume
    37  the databases being connected to are already created and access control
    38  is properly handled.
    39  
    40  ### Use goose to start and terminate a PostgreSQL DB
    41  To start a PostgreSQL using goose:
    42  
    43      goose -path $GOPATH/src/github.com/cloudflare/cfssl/certdb/pg up
    44  
    45  To tear down a PostgreSQL DB using goose
    46  
    47      goose -path $GOPATH/src/github.com/cloudflare/cfssl/certdb/pg down
    48  
    49  Note: the administration of PostgreSQL DB is not included. We assume
    50  the databases being connected to are already created and access control
    51  is properly handled.
    52  
    53  ### Use goose to start and terminate a SQLite DB
    54  To start a SQLite DB using goose:
    55  
    56      goose -path $GOPATH/src/github.com/cloudflare/cfssl/certdb/sqlite up
    57  
    58  To tear down a SQLite DB using goose
    59  
    60      goose -path $GOPATH/src/github.com/cloudflare/cfssl/certdb/sqlite down
    61  
    62  ## CFSSL Configuration
    63  
    64  Several cfssl commands take a -db-config flag. Create a file with a
    65  JSON dictionary:
    66  
    67      {"driver":"sqlite3","data_source":"certs.db"}
    68  
    69  or
    70  
    71      {"driver":"postgres","data_source":"postgres://user:password@host/db"}
    72   
    73  or
    74  
    75      {"driver":"mysql","data_source":"user:password@tcp(hostname:3306)/db?parseTime=true"}