How to set up my own full-featured certificate authority?
Solution 1
You can use TinyCA, a graphical front-end for OpenSSL that lets you manage the tasks of a certificate authority.
Beware that the TinyCA website seems hard to reach at times.
Solution 2
I recommend using OpenCA and here is the install guide. This is a full fledge PKI suite, which includes an OCSP server to immediately revoke certificates. It also has a PKI Resource Protocol server. I have personally used OpenCA and it is what you want.
If you really like RedHat and Java then you might want to go with RedHat Certificate System.
Solution 3
Have a look at this: http://novosial.org/openssl/ca/
And for the entire work flow: http://novosial.org/openssl/
Related videos on Youtube
Gargaroz
Updated on September 17, 2022Comments
-
Gargaroz over 1 year
I'd like to set up a certificate authority, which I can then import to all the company's browsers and systems to get rid of all those nasty client warnings when using HTTPS or SSL.
-
G__ almost 13 yearsLinks are broken as of 5/11
-
tacotuesday over 10 yearsmm.cs.dartmouth.edu/wiki/index.php/Installing_OpenCA link is no longer working as of 10/14/2013 or sooner.