Abstract—This paper details the process and methods used to address the problem of operating an offline Certificate Authority (CA) that can still be accessed remotely, specifically to update the CRL on the server when the need arises without bringing the entire CA online. This has been managed via local access in the past, but a need for remote management has arisen to ease its use. The paper explains how this problem was solved with a data diode, which prevents the CA from being fully online. A data diode only allows traffic in one direction, keeping any data from leaking from the CA while still making it available for specific uploads, in this case CRL files that handle the revocation of certificates issued by the CA. This allows for more up-to-date lists when the server is brought online for the issuance of certificates once per year. The paper also attempts to detail the steps that need to be taken in order to set up an edge server that allows the transmission of files using UDP.
Keywords—CRL (Content Revocation List), CA (Certificate Authority), Data Diode, Offline Server, UDP (User Datagram Protocol).
Identifier | oai:union.ndltd.org:UPSALLA1/oai:DiVA.org:ltu-101155 |
Date | January 2023 |
Creators | Åman, Emil |
Publisher | Luleå tekniska universitet, Institutionen för system- och rymdteknik |
Source Sets | DiVA Archive at Uppsala University |
Language | English |
Detected Language | English |
Type | Student thesis, info:eu-repo/semantics/bachelorThesis, text |
Format | application/pdf |
Rights | info:eu-repo/semantics/openAccess |