Local CA on Gentoo

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Local CA on Gentoo

Vinícius Ferrão
Hi peeps,

I would like to know if someone successfully implemented a Local CA to sign services and servers using Gentoo or other Linux.

I'm currently in a Mixed Environment (we have: Windows 2008R2, OS X Lion, Linux and FreeBSD), and I really want a single solution, since I need certs for my servers, as example: a Postfix Mail Gateway, a W2k8 Domain Controller, Exchange Server, Mac OS X Time Machine Server, etc.

Thanks in advance,
Vinícius

smime.p7s (3K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Local CA on Gentoo

Denis Bondar
Hi-

As an option look at https://www.startssl.com/
It provides valid certs for free.

2012/2/10 Vinícius Ferrão <[hidden email]>
Hi peeps,

I would like to know if someone successfully implemented a Local CA to sign services and servers using Gentoo or other Linux.

I'm currently in a Mixed Environment (we have: Windows 2008R2, OS X Lion, Linux and FreeBSD), and I really want a single solution, since I need certs for my servers, as example: a Postfix Mail Gateway, a W2k8 Domain Controller, Exchange Server, Mac OS X Time Machine Server, etc.

Thanks in advance,
Vinícius



--
Kind regards,
Denis Bondar
Reply | Threaded
Open this post in threaded view
|

Re: Local CA on Gentoo

Ewald Wasscher
In reply to this post by Vinícius Ferrão
Hi,

IMHO EJBCA (http://www.ejbca.org) from the kind people at PrimeKey is
a very good open source CA solution. It is used in many large,
professional and certified/audited environments worldwide.

Regards,

Ewald



Op 10 feb. 2012 om 02:04 heeft "Vinícius Ferrão"
<[hidden email]> het volgende geschreven:

> Hi peeps,
>
> I would like to know if someone successfully implemented a Local CA to sign services and servers using Gentoo or other Linux.
>
> I'm currently in a Mixed Environment (we have: Windows 2008R2, OS X Lion, Linux and FreeBSD), and I really want a single solution, since I need certs for my servers, as example: a Postfix Mail Gateway, a W2k8 Domain Controller, Exchange Server, Mac OS X Time Machine Server, etc.
>
> Thanks in advance,
> Vinícius

Reply | Threaded
Open this post in threaded view
|

Re: Local CA on Gentoo

Ramon van Alteren
In reply to this post by Vinícius Ferrão
I did, but it is far from trivial to do right....
And even then the mess in certificate fields and the non-standard way
all kinds of implementations are done over various services sometimes
drives me insane.....

Anyway, if your needs are fairly simple (1-2 level CA + signing
certificates) I can definitly recommend xca:
http://xca.sourceforge.net/

I has reasonable documentation and a nice GUI. It also produces well
defined certificates and most importantly has the ability to revoke
certificates that you have issued...

If you stick it's database into a VCS you can share the work.

/Ramon

2012/2/10 Vinícius Ferrão <[hidden email]>:
> Hi peeps,
>
> I would like to know if someone successfully implemented a Local CA to sign services and servers using Gentoo or other Linux.
>
> I'm currently in a Mixed Environment (we have: Windows 2008R2, OS X Lion, Linux and FreeBSD), and I really want a single solution, since I need certs for my servers, as example: a Postfix Mail Gateway, a W2k8 Domain Controller, Exchange Server, Mac OS X Time Machine Server, etc.
>
> Thanks in advance,
> Vinícius