## CGI Secure Dir
## ==============

This document tries to explain the programs contained in :

	/home/htdocs/cgi-secure (default)

so as to give a better support for installation.

All parameters are now taken from the same config file, that is the
'secure.cnf' file (def. /home/httpd/cgi-secure/secure.cnf).

----- BEGIN sendcert ----- 
Name: sendcert
Location: /home/httpd/cgi-secure
Brief: Send the CA certificate to users
Author: Massimiliano Pala (madwolf@openca.org)

This program is used to give the user the CA certificate (DER format) to
be imported into the browser. 

Used Keyword(s):

	- CACert : this should point to the CA certificate in
	  DER format. As default /usr/local/RAServer/cacert.der

Related Topics:

	raserver.conf

----- END sendcert -----


----- BEGIN ril.pl -----
Name: ril.pl
Location: /home/httpd/cgi-secure
Brief: Display Issued certificates List
Author: Massimiliano Pala (madwolf@openca.org)

This program builds a table of the issued certificates and prints out
the results on an html page.

Used Keyword(s):

	- certsdir : should point to the directory where
	  certificates are kept (def. /usr/local/RAServer/certs).

	- rilbasedoc : base document for output (def. forms/ril.html)

Related Topics:

	raserver.conf

----- END ril.pl -----


----- BEGIN pending -----
Name: pending
Location: /home/httpd/cgi-secure
Brief: Display User Certification Request List
Author: Massimiliano Pala (madwolf@openca.org)

This Program builds a table containing the certificate request list to
the user to simply check if its request has been correctly received and
archivied by the server.

Used keyword(s):

	- pendingdir : where the pending request (not yes approved by
	  an RA Operator) are to be stored;

	- pendinglistform : html files containing variables to be
	  substituted after table creation, usually points to the
	  form/pending_list.form file;

Related Topics:

	raserver.conf

----- END pending -----


----- BEGIN getID -----
Name: getID
Location /home/httpd/cgi-secure
Brief: Certificate Download tool
Author Massimiliano Pala (madwolf@openca.org)

This tools sends certificate for browser importing to the users. Can send
either e-mail certificates (other's people certificate, i.e. certificates
of other users downloadable from the ril.pl table) and user type certificates
(own certificates, i.e. certificates that you requested with your browser
and need to be imported before you are able to use them).

Used keyword(s):

	- certsdir : should point to the directory where
	  certificates are kept (def. /usr/local/RAServer/certs).

	- getIDErrForm : points to the html page sent whenever an error
	  occours (def. forms/getid_error.html)

Related Topics:

	raserver.conf

----- END getID -----

----- BEGIN request -----
Name: request
Location: /home/httpd/cgi-secure
Brief: Tool for generating Netscape Certification Requests
Author: Massimiliano Pala (madwolf@openca.org)

This program generates the CSR (Certificate Signing Reuqests) to be approved
by a RA Operator before exporting to the CA. Actually only Netscape browser
is supported.

Used keyword(s):

	- ReqStartForm : start document (def. forms/request_cert.form );

	- ReqConfirmForm : data confirmation document ( def. forms/
	  confirm_request.form );

	- ReqSuccessPage : document sent to the user when the request
	  process has been completed wthout errors (def. messages/
	  request_success.html);

	- ReqBrowserError: document sent for the unsupported browser error
	  (def. messages/browser_error.html);

	- ReqPinError: document sent when the pin and confirmation pin are
	  different (def. messages/pin_error.html);

	- ReqProtocolError: document sent when trying to access the page
	  with wrong protocol (def. messages/protocol_error.html);

	- PendingDir : where the pending request (not yes approved by
	  an RA Operator) are to be stored;

	- Organization: Organization Name (def. OpenCA);

	- OrganizationUnit: Organization units to be chosen by the user
	  when requesting the certificate;

	- Country: Countrty to be used in certificate (def. IT);

	- MinPinLength: Minimum PIN code length (def. 10);

Related Topics:

	raserver.conf

----- END request -----


