CA manager
==========

This collection of tools is our take on managing a CA, signing SSH keys and certificates, signin SSL certificates.

### Tools

#### `request_server.py`

This is a shell for a user, the shell only reads the input from the user and return a JSON, this user can be used with Ansible to request and retrive certificates.

The input must be a JSON file, e.g

```JSON
{
	{
		"keyType": "ssh_host",
		"hostName": "my_new_server",
		"keyData": "ssh-ed25519 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa root@my_new_server"
	},
	"type": "sign_request"
}
```

the example is a `sign_request` for a ssh host certificate.

The shell just output a json with `status` and `reason` keys.

```JSON
{
	"reason" : ...,
	"status" : ...
}
```

The server logs can be found at `/home/request/request_server.log`

#### `ca_sheel.py`

This is a shell for a user, the shell limits the commands to the one we are interested, like generating a SSH/SSL CA, signing keys.

```
# LILiK CA Manager

Welcome to the certification authority shell.
Type help or ? to list commands.
	    
(CA Manager)> ?

Documented commands (type help <topic>):
========================================
describe_cas  gen_ca  help  ls_ca  ls_requests  quit  sign_request
```

### Configuration

The only configuration needed is the path where to operate, modifying te file `paths.py` is all is needed.