Skip to main content

Module ca

kipuka

Module ca 

Source
Expand description

Certificate Authority operations.

This module handles CA initialization, certificate issuance, server-side key generation, and the CA backend connection pool for HA routing.

Implements:

  • RFC 7030 §4.2 (simpleenroll/simplereenroll)
  • RFC 7030 §4.4 (serverkeygen)
  • CA/B Forum Baseline Requirements for validity and key constraints
  • NIAP CA PP FCS_CKM.1 for key generation methods

Re-exports§

pub use init::CaInitError;
pub use init::CaInstance;
pub use issue::IssuanceError;
pub use issue::IssuanceResult;
pub use keygen::KeyGenError;
pub use keygen::KeyGenResult;
pub use keygen::KeyType;
pub use pool::CaBackendPool;

Modules§

init
CA initialization and validation.
issue
Certificate issuance from CSR with CA/B Forum compliance.
keygen
Server-side key generation for EST /serverkeygen (RFC 7030 §4.4).
pool
CA backend pool for HA enrollment routing.