Page 1 of 1

x.509 certificate authority

Posted: Tue Jul 24, 2018 3:47 pm
by Vegan
I was wondering, my Linux VM has to earn its keep. So now Google wants world+dog all using TLS 1.2 security I figure why not make my VM do something useful.

so instead of www, i figure ca.hardcoregames.biz could act as a certificate authority

found one manual with some ideas

https://networklessons.com/uncategorize ... tu-server/

any suggestions, references or packages?

Re: x.509 certificate authority

Posted: Tue Jul 31, 2018 11:26 am
by Christopher
Like that link demonstrates, generating keys, etc. is all Open SSL, and then NTP of you want to run your own nameserver. Not sure why you want to do that given that certificates can be gotten for free these days.

Re: x.509 certificate authority

Posted: Wed Aug 15, 2018 5:23 pm
by Vegan
I was looking at mechanizing certificates for a portfolio of websites which need certificates

It seems to be overkill needing a certificate for say a recipe site etc, do not see why Google is so arrogant about it

Re: x.509 certificate authority

Posted: Thu Aug 16, 2018 4:27 pm
by Christopher
Vegan wrote:I was looking at mechanizing certificates for a portfolio of websites which need certificates
They won't be accepted by browsers, but they can work if the users understand that they are still encrypted and allow the browser exception.
Vegan wrote:It seems to be overkill needing a certificate for say a recipe site etc, do not see why Google is so arrogant about it
Not arrogant, just trying to encourage the simplest rule that eliminates common mistakes not encrypting pages that should be.

Re: x.509 certificate authority

Posted: Mon Aug 20, 2018 10:10 pm
by Vegan
All I know is that I have now created the basics for a CA but I am still trying to put the rest of the components together

my private certificate is set for 10 years so i can ignore that for a while