Re: Open Source CA / PKI

• From: Julien Goodwin
• Date: Wed Aug 20 01:09:21 2008

• List-archive: <http://mailman.nanog.org/pipermail/nanog>
• List-help: <mailto:[email protected]?subject=help>
• List-id: North American Network Operators Group <nanog.nanog.org>
• List-post: <mailto:[email protected]>
• List-subscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>, <mailto:[email protected]?subject=subscribe>
• List-unsubscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>, <mailto:[email protected]?subject=unsubscribe>

On 19/08/08 19:23, Jon Kibler wrote:
> I am looking at deploying an open source CA/PKI for a client. It would
> be only for internal users and systems. It would have to manage a few
> hundred certificates against the organization's self-signed root cert.
> It would be installed on a CentOS 5.x platform.
> 
> I have looked at OpenCA and Dogtag. Any other packages I should look at?
I've used pyca on debian, however it needs a few scripts to better
automate bits of key management, unfortunately I didn't get those
released by my former employer (although I'm sure I could arrange it).

It's really lightweight and for the few dozen certs was easy for the
sysadmins to self-manage.

• References:
  • Open Source CA / PKI Jon Kibler

• Prev by Date: Re: uTorrent, IPv6
• Next by Date: Re: Is it time to abandon bogon prefix filters?
• Date Index
• Thread Index
• Author Index
• Historical