The system documentation is currently rewritten in a new system that builds HTML from ReStructuredText/Sphinx sources.

The git-Repository is at

The generated documentation is published to

Instructions on how to work on the new documentation are available at

For some more background information see the mailing list thread at

System Administration

The System Administration team is responsible for operation and maintenance of the servers and services provided by CAcert.

Talking to us


See also: SystemAdministration/Team

Infrastructure team

We are always looking for new System Administrators! To see what's going on, join the Sysadm Maillist. If you have specific questions or want to know how to help, post there. currently leads the team.

Critical Servers team

Above, people marked (BIT) above are listed on the Firewall/OS Access list in Appendix B, MoU with secure-u. These people are able to get direct physical (console) access to the machines with secure-u assistance under SecurityManual.

You can send encrypted e-mail to the critical server team by importing this certificate: into your e-mail client and using S/MIME encryption. For verification purposes we include the decoded certificate header here:

        Version: 3 (0x2)
        Serial Number: 159760 (0x27010)
    Signature Algorithm: sha512WithRSAEncryption
        Issuer: O=CAcert Inc., OU=, CN=CAcert Class 3 Root
            Not Before: Jul 25 08:35:21 2015 GMT
            Not After : Jul 24 08:35:21 2016 GMT
        Subject: C=AU, ST=NSW, L=Sydney, O=CAcert Inc., OU=Critical System Administrators, CN=Critical System Administrators/

Access Engineers Team

Access Engineers provide physical gate-keeping to the BIT facility. They have to be present for all direct access by Critical admins. They are listed on the Firewall/Site Access list in Appendix B, MoU with secure-u.


List of Guides:

List of Procedures:



List of Systems:

  1. CategorySystems
  2. DebianVulnerabilityHandling
  3. DisasterRecovery
  4. EmailListsOverview
  5. IPv6
  6. IPv6/CZ
  7. InfrastructureReDesign
  8. OcspResponder
  9. OcspResponder/CZ
  10. SecurityManual
  11. Software/Assessment/testserver
  12. Software/DevelopmentWorkflow
  13. Software/Webdb
  14. Software/Webdb/Maintenance/AddNewRoots
  15. Software/Webdb/Maintenance/DatabaseUpgrades
  16. SuggestKeySizes
  17. SystemAdministration
  18. SystemAdministration/AdminCandidates
  19. SystemAdministration/CableIndex
  20. SystemAdministration/CertificateList
  21. SystemAdministration/EmergencyLogs
  22. SystemAdministration/EquipmentList
  23. SystemAdministration/IPList
  24. SystemAdministration/InfrastructureHost
  25. SystemAdministration/InfrastructureHost/MinimalistHostingAgreement
  26. SystemAdministration/Procedures
  27. SystemAdministration/Procedures/DNSChanges
  28. SystemAdministration/Procedures/SoftwarePatches
  29. SystemAdministration/SshHostKeyList
  30. SystemAdministration/Systems
  31. SystemAdministration/Systems/Arbitration
  32. SystemAdministration/Systems/Archive
  33. SystemAdministration/Systems/Blog
  34. SystemAdministration/Systems/Board
  35. SystemAdministration/Systems/Bugs
  36. SystemAdministration/Systems/CATS
  37. SystemAdministration/Systems/Cisco1_and_2
  38. SystemAdministration/Systems/Coaudit
  39. SystemAdministration/Systems/Community
  40. SystemAdministration/Systems/Development
  41. SystemAdministration/Systems/Development/Prepare
  42. SystemAdministration/Systems/Email
  43. SystemAdministration/Systems/Emailout
  44. SystemAdministration/Systems/Git
  45. SystemAdministration/Systems/Hopper
  46. SystemAdministration/Systems/Infra01
  47. SystemAdministration/Systems/Infra02
  48. SystemAdministration/Systems/Irc
  49. SystemAdministration/Systems/Ircserver
  50. SystemAdministration/Systems/Issue
  51. SystemAdministration/Systems/Jenkins
  52. SystemAdministration/Systems/Ldap
  53. SystemAdministration/Systems/Lists
  54. SystemAdministration/Systems/Logger
  55. SystemAdministration/Systems/Monitor
  56. SystemAdministration/Systems/Ns
  57. SystemAdministration/Systems/Ocsp
  58. SystemAdministration/Systems/Pad
  59. SystemAdministration/Systems/SLS
  60. SystemAdministration/Systems/Signer
  61. SystemAdministration/Systems/Sun1
  62. SystemAdministration/Systems/Sun2
  63. SystemAdministration/Systems/Sun3
  64. SystemAdministration/Systems/Sun4
  65. SystemAdministration/Systems/Svn
  66. SystemAdministration/Systems/Test
  67. SystemAdministration/Systems/Translations
  68. SystemAdministration/Systems/Translingo
  69. SystemAdministration/Systems/Web
  70. SystemAdministration/Systems/Webdb
  71. SystemAdministration/Systems/Webstatic
  72. SystemAdministration/Systems/Wiki
  73. SystemAdministration/Systems/Wiki/update201009
  74. SystemAdministration/Systems/ca-mgr1-test
  75. SystemAdministration/Systems/cacert1-test
  76. SystemAdministration/Systems/cacert2-test
  77. SystemAdministration/Systems/fiddle
  78. SystemAdministration/Systems/git
  79. SystemAdministration/Systems/template
  80. SystemAdministration/Team
  81. Technology/Laboratory/Hardware/InfrastructureHost/Infra-redevelopment-plan
  82. Technology/Laboratory/Hardware/InfrastructureHost/Vienna1
  83. WeakKeys
  84. WeakKeys/SmallExponent
  85. WeakKeys/SmallKey
  86. comma/Arsenal/IRC
  87. comma/Arsenal/IRC/improvement


How to become team member

Critical Roles

SP says that board has to approve ABC'd roles:

Board or t/l has to start the process with filing a dispute for ABC over new candidate.

Non-critical roles

Please contact Non-Critical-Infrastructure t/l

eg for becoming

Non-critical t/l will check the candidates and provide the access.

SystemAdministration (last edited 2016-05-08 16:40:58 by JanDittberner)