This project is related to r509, r509-ca-http, and r509-ocsp-responder, allowing certificate validity and revocation information to be read and written to a Redis backend.
When a certificate is issued, we want this sent to Redis:
HMSET "cert:<issuer>:<serial>" status 0
When revoked:
HMSET "cert:<issuer>:<serial>" status 1 revocation_time <timestamp> revocation_reason 0
To get the status of a certificate:
HGETALL "cert:<issuer>:<serial>"
The "status" field can be one of:
R509::Validity::VALID
R509::Validity::REVOKED
The "revocation_reason" field can be one of:
null
0 (unspecified)
1 (keyCompromise)
2 (cACompromise)
3 (affiliationChanged)
4 (superseded)
5 (cessationOfOperation)
6 (certificateHold)
8 (removeFromCRL)
9 (privilegeWithdrawn)
10 (aACompromise)