|
|
If your concern is pushing updates to your CRL, and making sure that those updates are atomic (ie. multiple folks don't stomp on each others' changes), you could try using something like GNU Arch. Arch stores revision control history, optionally GPG-signed, in an append-only repository, and can access said repository via FTP, sftp, WebDAV, etc. If you script a "tla replay" (which pulls and applies updates) to happen whenever you need to be sure you're up-to-date... well, there you go. On my site, the CA server (a system which is set up to allow outgoing connections only, and so which must be operated by actually walking up to it) pushes updates out to a repository sitting on AFS, from where they're pulled by our VPN server. Works quite nicely, and we have a history of what's been done, who did it and when. (Pushing updates to the AFS server requires a valid login and password). That said, it's quite possibly overkill for your environment. ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users |