brent timothy saner on 12 Jun 2019 12:53:01 -0700


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Let's talk about certificate authorities


On 6/12/19 3:18 PM, JP Vossen wrote:
(SNIP)
> Here is some of my cheat sheet for the next time I have to do that same
> thing.  I'm not aware of any GUI stuff, but that's also not what I look
> for.  I'd be interested to hear your thoughts and results.  Preso?

FWIW, there are some GUIs:

https://sourceforge.net/projects/xca/
https://sourceforge.net/projects/gnomint/
https://opsec.eu/src/tinyca/

but i generally encourage people to use the openssl CLI utility to
manage their PKI/CA, at least until they get a hang of how the process
works.

i personally like using the OpenSSL module for python[0] for
creating/managing CAs.

another neat thing is Vault[1] has built-in CA functionality[2] if you
need something that has a web GUI, CLI utility, and a REST API. but
again, i recommend one starts with doing it with openssl CLI first to
get familiar with the general process.


[0] https://www.pyopenssl.org/en/stable/
[1] https://www.vaultproject.io/
[2] https://learn.hashicorp.com/vault/secrets-management/sm-pki-engine

Attachment: signature.asc
Description: OpenPGP digital signature

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug