[aklug] Re: Certificate Management

From: Erinn Looney-Triggs <erinn.looneytriggs@gmail.com>
Date: Mon Jun 30 2014 - 07:43:06 AKDT

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Depending on what your needs are, scale etc. I have a couple of
suggestions.

FreeIPA is an identity management solution with PKI tacked on, this
would be more holistic, centralizing Identities for systems, kerberos
for auth etc. The PKI piece is integrated into fedora/RHEL systems via
a utility called certmonger, the web UI, as I understand it for the
PKI portion is better in the newer realeses, but I have not seen it.
This may be overkill for your needs.

TinyCA is another utility I have used, it is not we based but instead
a small PERL program with a GUI. As the name sort of implies it is
designed for small installation needs, but I used it just fine for
about 100 hosts or so.

Those are the ones I know,
- -Erinn

On 6/29/2014 11:56 PM, Scott A. Johnson wrote:
> Does anyone have a FOSS package recommendation for private PKI/CA
> issuance/management? Strong preference for a web management
> interface.
>
> I looked into OpenCA but the project seems to be abandoned.
>
> Scott
>
> -- Scott A. Johnson scott.a.johnson@gmail.com
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)

iQEcBAEBAgAGBQJTsYWKAAoJEFg7BmJL2iPOfoMIAJbt94ijDidp81f4TY4g94kV
x1oVGzSqQmQXz8eHR6QXT4MLu/n+i3HFFoPe2WP3jPnorpkITHhY2LYmjxX/sNFk
j8Qvr3KAS8zPhjPsLhPuC+TIy+XlNkYXA3T3mqGEltJ8MHeVucffP4x9GaoBH5Q/
NnQ2Wfp/IoKHht15sVpaZyLYpP6Q1rbKFBdcaFsbg8sxEGoTI8oq3ZvoNCddMh7i
oyveGjKgziXlC2rkf7jWy2Jd0GiVDJN+H5AaLa6dxhy5YNWLkGQcBIqJ7xX8cA3D
jF6fltqR+sx/N4y0nm7YlXleAvwzKhUkpTE/2rWzYD+6C2gW6YkwP+2d6ryHhaY=
=BvBs
-----END PGP SIGNATURE-----
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Mon Jun 30 07:43:41 2014

This archive was generated by hypermail 2.1.8 : Mon Jun 30 2014 - 07:43:41 AKDT