This project is related to r509 and ocsp-responder, allowing certificate validity and revocation information to be read and written to a Redis backend.
When a certificate is issued, we want this sent to Redis:
HMSET "cert:<serial>" status 0
When revoked:
HMSET "cert:<serial>" status 1 revocation_time <timestamp> revocation_reason 0
To get the status of a certificate:
HGETALL "cert:<serial>"
The "status" field can be one of:
R509::Validity::VALID
R509::Validity::REVOKED
The "revocation_reason" field can be one of:
I don't know, we should probably find out
Use this in a project like ocsp-responder by passing it into R509::Ocsp::Signer's constructor:
R509::Ocsp::Signer.new(
:validity_checker => R509::Validity::Redis::Checker.new(Redis.new)
)