[Pki-users] partition dogtag data in the ldap server?
Alexander Jung
alexander.w.jung at gmail.com
Thu Jul 9 11:44:17 UTC 2015
Hi,
we have a rather large dogtag install here and the ldap-info is getting
hard to handle (right now in the ~75Gb range).
Are there any recomended ways to partition the data ? I am thinking of
migrating all expired and revoked certificates to a chainend ldap-instance
and keep only the "valid" certificates data in direct access to the CA
instances.
The migration from the "valid" partition to the "expired" partition will
have to be done outside of dogtag and the 389ds-ldaps, probably by a script
at night (it probably could be integrated into the expire runs the dogtag
does, although)
Has a thing like this been done yet? What were the experiences ? What sould
I look out for ?
Mit freundlichen Grüßen,
Alexander Jung
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pki-users/attachments/20150709/3aff4711/attachment.htm>
More information about the Pki-users
mailing list