x.509 certificate authority

[Vegan]

I was wondering, my Linux VM has to earn its keep. So now Google wants world+dog all using TLS 1.2 security I figure why not make my VM do something useful.

so instead of www, i figure ca.hardcoregames.biz could act as a certificate authority

found one manual with some ideas

https://networklessons.com/uncategorize ... tu-server/

any suggestions, references or packages?

[Christopher]

Like that link demonstrates, generating keys, etc. is all Open SSL, and then NTP of you want to run your own nameserver. Not sure why you want to do that given that certificates can be gotten for free these days.

[Vegan]

I was looking at mechanizing certificates for a portfolio of websites which need certificates

It seems to be overkill needing a certificate for say a recipe site etc, do not see why Google is so arrogant about it

[Christopher]

I was looking at mechanizing certificates for a portfolio of websites which need certificates

They won't be accepted by browsers, but they can work if the users understand that they are still encrypted and allow the browser exception.

It seems to be overkill needing a certificate for say a recipe site etc, do not see why Google is so arrogant about it

Not arrogant, just trying to encourage the simplest rule that eliminates common mistakes not encrypting pages that should be.

[Vegan]

All I know is that I have now created the basics for a CA but I am still trying to put the rest of the components together

my private certificate is set for 10 years so i can ignore that for a while