[107016] in North American Network Operators' Group
Re: Open Source CA / PKI
daemon@ATHENA.MIT.EDU (Julien Goodwin)
Wed Aug 20 01:09:23 2008
Date: Wed, 20 Aug 2008 15:09:13 +1000
From: Julien Goodwin <nanog@studio442.com.au>
To: Jon.Kibler@aset.com, nanog@nanog.org
In-Reply-To: <48AA9124.7010608@aset.com>
Errors-To: nanog-bounces@nanog.org
On 19/08/08 19:23, Jon Kibler wrote:
> I am looking at deploying an open source CA/PKI for a client. It would
> be only for internal users and systems. It would have to manage a few
> hundred certificates against the organization's self-signed root cert.
> It would be installed on a CentOS 5.x platform.
>
> I have looked at OpenCA and Dogtag. Any other packages I should look at?
I've used pyca on debian, however it needs a few scripts to better
automate bits of key management, unfortunately I didn't get those
released by my former employer (although I'm sure I could arrange it).
It's really lightweight and for the few dozen certs was easy for the
sysadmins to self-manage.
