﻿Tabelle Settings:
----------------
name: varchar
value: varchar

Predefined record:
INSERT INTO Settings (name, value) VALUES ('version', 1);
Indicating version of database structure for later updates.

Tabelle Extensions:
------------------
id: longint, auto-increment, unique
type: enum(cert,crl)
critical: bool
oid: varchar
value: varchar

index (id; unique)
index ((type, oid ASC, value); unique)
index (oid ASC)


Tabelle Policies:
----------------
id: int, auto-increment, unique
name: varchar, unique
Country: enum(match,supplied,optional)
STate: enum(match,supplied,optional)
Location: enum(match,supplied,optional)
Organization: enum(match,supplied,optional)
OrganizationalUnit: enum(match,supplied,optional)
CommonName: enum(match,supplied,optional)
Email: enum(match,supplied,optional)

index (id; unique)
index ((Country, STate, Location, Organization, OrganizationalUnit, CommonName, Email); unique)
index (name ASC)

One record should be predefined:
INSERT INTO Policies (name, Country, STate, Location, Organization, OrganizationalUnit, CommonName, Email)
  VALUES ('default', supplied, optional, supplied, supplied, optional, supplied, supplied);


Tabelle Authorities:
-------------------
id: int, auto-increment, unique
hash: longint, unique
name: varchar
policy: foreign key(policies.id)
digest: int
certificatedays: int
crlnumber: int
crldays: int
certificate: blob
key: blob

index (id; unique)
index (hash; unique)
index (name ASC)

Field 'digest' may not exceed boundaries set by enumeration 'kCA_ossl::Digest'.


Tabelle CAExtensions:
--------------------
id: longint, auto-increment, unique
authority: foreign key(authorities.id)
extension: foreign key(extensions.id)

index (id; unique)
index ((authority,extension); unique)
index (authority)
index (extension)


Tabelle Certificates:
--------------------
id: longint, auto-increment, unique
serial: unsigned longint
fingerprint: char(64), unique
authority: foreign key(authorities.hash)
subject: varchar
issued: datetime
validfrom: datetime
expiration: datetime
owner: varchar
state: enum(valid,expired,revoked)
revocation: datetime
reason: shortint
certificate: blob

index (id; unique)
index (fingerprint; unique)
index (authority)
index ((authority,serial); unique)
