I got lazy and rolled my own scripts.
I wanted something that would have multiple levels (Ultimate authority -> Signing authority -> signed certs)
and would have a nice generic configuration method to provide me with the strongest certs I could make,
with all of the security features I needed.
I currently only use it to generate certs for applications like apache, postfix, dovecot, etc, where a CSR is
not pre-generated by the requestor.
I suppose it's not terribly difficult to use an external CSR here (just pop it into the 'requests' directory, and
add the name to the master list, and it'd auto-generate on next run with defaults)
I just never needed a web-app to do something that the command line does so much easier.
Of course, if I was issuing private user certs, that'd be different. But I'm not.
From: aklug-bounce@aklug.org [mailto:aklug-bounce@aklug.org] On Behalf Of Scott A. Johnson
Sent: Sunday, June 29, 2014 10:56 PM
To: Aklug
Subject: [aklug] Certificate Management
Does anyone have a FOSS package recommendation for private PKI/CA issuance/management? Strong preference for a web management interface.
I looked into OpenCA but the project seems to be abandoned.
Scott
--
Scott A. Johnson
scott.a.johnson@gmail.com<mailto:scott.a.johnson@gmail.com>
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Mon Jun 30 08:18:09 2014
This archive was generated by hypermail 2.1.8 : Mon Jun 30 2014 - 08:18:09 AKDT