This week I focused my study on the various file system to find out the limit of number of certificate that this application can hold. So I first started to search the Internet for the NTFS(New Technology File System) which is developed by Microsft. The quality that I am interested to study from this system is the maximum memory that a file can hold, and the maximum number of sub folder that a folder can have. Then I went to this website and found out that the maximum volume size of this is 256TB if using 64kb cluster. The Maximum file size is the same as the volume size.
Next I searched for the default file system for the majority Linux distribution. The ext3(third extended file system). The maximum volume size of this file system is 32TB. The maximum file size is 2 TB. With all this data I can roughly calculate the number of certificate that I can fit into the application. consider only the limitation of the volume, the number of certificate that can fit into the NTFS file system is 25.610^10 of certificates, where in ext3 is 3210^8 number of certificates. According to this, we have enough space to store the certificate that are create and revoked. This data are just taking account of the maximum size of the file system. But there is also a limit to the number of subfolder in a folder for every file system.
I found out that there is no fix limit of subfolder in a folder for the NTFS system from the link here. But I think that the process of getting the file will slow down as the number of file increases. So I went on with my search and found this website. It explains the operation of the file system and how to store a large number of file in this file system efficiently. But the optimum number of subfolder in a folder is roughly 10,000 for NTFS system.
for ext3 file system, I fund the solution on this website. although the number of maximum number of subfolder in a folder is higher compare to the NTFS file system. But it will have performance problem at 10,000 subfolder in a folder. With this we can conclude that the maximum number of certificate that we can have in this application is approximately 10,000 without any performance problem. but we can also increase the number of certificate hold by creating another active approot directory for another 10,000 certificate.
Besides my research on the file system. I also done some search on the SSL certificate verification process.
I found a few lines of code on this page regarding how to verify a self-signed certificate. I will try to study this line of coding in the future after I have done some tweak to the application. This few Line of code Utilized the SSL library and It will obtain the certificate from a client and verify the public key of the client certificate against the expected public key. This function can be added to the user page and verify the certificate of the user at the moment they are in this application. I am still trying to understand the coding and learning the SSL library.
For this week I will be mainly tweaking my application problems and will not go further into these research.