Is there a way to automatically populate the Vanity CRL/AIA mapping files?

[pittagurneyi]

Hello,

I've been looking into apache rewriting of the CA name to the search.cgi url, as described in https://github.com/Keyfactor/ejbca-ce/blob/main/charts/ejbca/templates/httpd-configmap.yaml. The mapping files used therein are /etc/httpd/rewriteMaps/aiamapping.txt and /etc/httpd/rewriteMaps/crlmapping.txt, consisting of CA name to lowercase (for example) and the iHash or sHash value for each CA on a separate line.

I'd hoped there would be an easy way to automatically fill it, but so far I've been unsuccessful. The database does not seem to have that information and I couldn't find another way to get it.

Could someone please point me in the right direction? Preferably I'd use a bash script triggered by a cronjob to update the list every couple of hours. Or is there a better way?

[primetomas]

These hashes are from RFC4387. True, the hashes are not in the database and are dynamically generated from CA certificates loaded from the database. As the values are standardized you can create them in any way you like of course.