Hello, this is a little bit off-topic (even if it have to work on CentOS ;-) I'm looking for a tool to manage a small Public Key Infrastructure, with creation/revocation of certificates X.509, export in PKCS#12 format and have the ability to handle CSR (Certificate Signing Request). I've wrote my own script to perform it (openssl command line based): it's a good way to underdstand concepts, but a little bit difficult to maintain and extend... After googling a bit, I found PHPki (sf.net/projects/phpki), that is nicely web-based (php) but unfortunately, It does not handle CSR. What tool do you use to manage your PKI ? Thanks for your comments, clue or advices. Pierre Bourgin
On Mo, 2007-01-29 at 14:11 +0100, Pierre Bourgin wrote:> Hello, > > What tool do you use to manage your PKI ?I use tinyCA from tinyca.sm-zone.net and am very happy with it. Regards, Torsten
> I'm looking for a tool to manage a small Public Key Infrastructure, with > creation/revocation of certificates X.509, export in PKCS#12 format and have > the ability to handle CSR (Certificate Signing Request). > > What tool do you use to manage your PKI ?Have you looked at OpenCA? Website: <openca.org> LiveCD: <dartmouth.edu/~deploypki/CA/InstallOpenCALiveCD.html> Barry
On Monday 29 January 2007 14:11, Pierre Bourgin wrote:> Hello, > > this is a little bit off-topic (even if it have to work on CentOS ;-) > > I'm looking for a tool to manage a small Public Key Infrastructure, with > creation/revocation of certificates X.509, export in PKCS#12 format and > have the ability to handle CSR (Certificate Signing Request). > > I've wrote my own script to perform it (openssl command line based): > it's a good way to underdstand concepts, but a little bit difficult to > maintain and extend... > > After googling a bit, I found PHPki (sf.net/projects/phpki), > that is nicely web-based (php) but unfortunately, It does not handle CSR. > > What tool do you use to manage your PKI ? > > Thanks for your comments, clue or advices. > > Pierre Bourgin > > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > lists.centos.org/mailman/listinfo/centosI'm using this little webbased cgi tool called webcert to create certs. Written in C but doesn't do revocation though. freshmeat.net/projects/webcert Regards, -- Paul Schoonderwoerd Pollux IT - Open Source solutions & Netwerkbeveiliging Pollux-IT.nl Tel. 0294-283832