Hello, this is a little bit off-topic (even if it have to work on CentOS ;-) I'm looking for a tool to manage a small Public Key Infrastructure, with creation/revocation of certificates X.509, export in PKCS#12 format and have the ability to handle CSR (Certificate Signing Request). I've wrote my own script to perform it (openssl command line based): it's a good way to underdstand concepts, but a little bit difficult to maintain and extend... After googling a bit, I found PHPki (http://www.sf.net/projects/phpki/), that is nicely web-based (php) but unfortunately, It does not handle CSR. What tool do you use to manage your PKI ? Thanks for your comments, clue or advices. Pierre Bourgin
On Mo, 2007-01-29 at 14:11 +0100, Pierre Bourgin wrote:> Hello, > > What tool do you use to manage your PKI ?I use tinyCA from http://tinyca.sm-zone.net/ and am very happy with it. Regards, Torsten
> I'm looking for a tool to manage a small Public Key Infrastructure, with > creation/revocation of certificates X.509, export in PKCS#12 format and have > the ability to handle CSR (Certificate Signing Request). > > What tool do you use to manage your PKI ?Have you looked at OpenCA? Website: <http://www.openca.org/> LiveCD: <http://www.dartmouth.edu/~deploypki/CA/InstallOpenCALiveCD.html> Barry
On Monday 29 January 2007 14:11, Pierre Bourgin wrote:> Hello, > > this is a little bit off-topic (even if it have to work on CentOS ;-) > > I'm looking for a tool to manage a small Public Key Infrastructure, with > creation/revocation of certificates X.509, export in PKCS#12 format and > have the ability to handle CSR (Certificate Signing Request). > > I've wrote my own script to perform it (openssl command line based): > it's a good way to underdstand concepts, but a little bit difficult to > maintain and extend... > > After googling a bit, I found PHPki (http://www.sf.net/projects/phpki/), > that is nicely web-based (php) but unfortunately, It does not handle CSR. > > What tool do you use to manage your PKI ? > > Thanks for your comments, clue or advices. > > Pierre Bourgin > > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centosI'm using this little webbased cgi tool called webcert to create certs. Written in C but doesn't do revocation though. http://freshmeat.net/projects/webcert/ Regards, -- Paul Schoonderwoerd Pollux IT - Open Source solutions & Netwerkbeveiliging www.Pollux-IT.nl Tel. 0294-283832