[gentoo-server] Local CA on Gentoo

[gentoo-server] Local CA on Gentoo

[Vinícius Ferrão]

[-- Attachment #1: Type: text/plain, Size: 453 bytes --]

Hi peeps,

I would like to know if someone successfully implemented a Local CA to sign services and servers using Gentoo or other Linux.

I'm currently in a Mixed Environment (we have: Windows 2008R2, OS X Lion, Linux and FreeBSD), and I really want a single solution, since I need certs for my servers, as example: a Postfix Mail Gateway, a W2k8 Domain Controller, Exchange Server, Mac OS X Time Machine Server, etc.

Thanks in advance,
Vinícius

[-- Attachment #2: smime.p7s --]
[-- Type: application/pkcs7-signature, Size: 2327 bytes --]

Re: [gentoo-server] Local CA on Gentoo

[Denis Bondar]

[-- Attachment #1: Type: text/plain, Size: 674 bytes --]

Hi-

As an option look at https://www.startssl.com/
It provides valid certs for free.

2012/2/10 Vinícius Ferrão <viniciusferrao@cc.if.ufrj.br>

> Hi peeps,
>
> I would like to know if someone successfully implemented a Local CA to
> sign services and servers using Gentoo or other Linux.
>
> I'm currently in a Mixed Environment (we have: Windows 2008R2, OS X Lion,
> Linux and FreeBSD), and I really want a single solution, since I need certs
> for my servers, as example: a Postfix Mail Gateway, a W2k8 Domain
> Controller, Exchange Server, Mac OS X Time Machine Server, etc.
>
> Thanks in advance,
> Vinícius




-- 
Kind regards,
Denis Bondar

[-- Attachment #2: Type: text/html, Size: 1020 bytes --]

Re: [gentoo-server] Local CA on Gentoo

[Ewald Wasscher]

Hi,

IMHO EJBCA (http://www.ejbca.org) from the kind people at PrimeKey is
a very good open source CA solution. It is used in many large,
professional and certified/audited environments worldwide.

Regards,

Ewald



Op 10 feb. 2012 om 02:04 heeft "Vinícius Ferrão"
<viniciusferrao@cc.if.ufrj.br> het volgende geschreven:

> Hi peeps,
>
> I would like to know if someone successfully implemented a Local CA to sign services and servers using Gentoo or other Linux.
>
> I'm currently in a Mixed Environment (we have: Windows 2008R2, OS X Lion, Linux and FreeBSD), and I really want a single solution, since I need certs for my servers, as example: a Postfix Mail Gateway, a W2k8 Domain Controller, Exchange Server, Mac OS X Time Machine Server, etc.
>
> Thanks in advance,
> Vinícius

Re: [gentoo-server] Local CA on Gentoo

[Ramon van Alteren]

I did, but it is far from trivial to do right....
And even then the mess in certificate fields and the non-standard way
all kinds of implementations are done over various services sometimes
drives me insane.....

Anyway, if your needs are fairly simple (1-2 level CA + signing
certificates) I can definitly recommend xca:
http://xca.sourceforge.net/

I has reasonable documentation and a nice GUI. It also produces well
defined certificates and most importantly has the ability to revoke
certificates that you have issued...

If you stick it's database into a VCS you can share the work.

/Ramon

2012/2/10 Vinícius Ferrão <viniciusferrao@cc.if.ufrj.br>:
> Hi peeps,
>
> I would like to know if someone successfully implemented a Local CA to sign services and servers using Gentoo or other Linux.
>
> I'm currently in a Mixed Environment (we have: Windows 2008R2, OS X Lion, Linux and FreeBSD), and I really want a single solution, since I need certs for my servers, as example: a Postfix Mail Gateway, a W2k8 Domain Controller, Exchange Server, Mac OS X Time Machine Server, etc.
>
> Thanks in advance,
> Vinícius