
asyd.net

Welcome to Bruno Bonfils's (aka asyd) homepage.

This is an old revision of the document!


asyd-ca.pl

This is a small Perl script to manage a Certification Authority using the openssl command. Unlike CA.[sh|pl] (from OpenSSL), it is very simple to use and asks only a few questions. It comes with a few template files, one of which can be used to create wildcard certificates.

Features

  • Few requirements: Perl and OpenSSL
  • Very easy to use; no OpenSSL knowledge is required, though it is welcome
  • asyd-ca.pl doesn't require OpenSSL templates

Demo

Configure CA information

# ls -1
asyd-ca.pl
changes.log
templates
# vi templates/ca-req.cnf
[..]
emailAddress     = asyd@asyd.net
countryName      = FR
organizationName = asyd.net
commonName       = "asyd dot net CA"
localityName     = Paris

It's more or less the only file you need to edit. It's very easy, isn't it?

Initialize the Certification Authority

# ./asyd-ca.pl init
[openssl's output removed]
# ls -1
asyd-ca.pl
CA
certs
changes.log
keys
misc
pkcs12
reqs
templates

The content of each directory is explained below.

Create a certificate

Note: You can edit the file templates/simple.cnf, especially the fields with the _default suffix. These are the default values (which can be overridden) that openssl uses when prompting for the certificate request information.

Docs

Directories

CA
certs           Certificates signed by the CA
keys            Keys for certificates created with asyd-ca.pl
misc/attic      Files removed with the subcommand
misc/serial     The next available serial
misc/index.txt  The CA database
pkcs12          PKCS12 files created with the pkcs12 subcommand
reqs            Certificate request files
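
As an added example (not part of asyd-ca.pl), the script below reads misc/index.txt and flags entries that are still marked valid after their expiry date. It assumes the file is the standard tab-separated database kept by `openssl ca`; the function names and the sample entries are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of asyd-ca.pl.
# Assumption: misc/index.txt is the tab-separated database kept by `openssl ca`:
#   status (V|R|E), expiry, revocation date[,reason], serial, file, subject DN

# ca_index_report FILE [NOW]   (NOW = UTC YYYYMMDDHHMMSS, default: current time)
# Prints "STATE<TAB>serial<TAB>expiry<TAB>subject" per entry. STALE means the
# entry is still marked V although its expiry date has passed.
ca_index_report() {
    awk -F '\t' -v now="${2:-$(date -u +%Y%m%d%H%M%S)}" '
        # Normalise UTCTime (YYMMDDHHMMSSZ) and GeneralizedTime
        # (YYYYMMDDHHMMSSZ) to 14 digits so string order equals time order.
        function norm(t) {
            sub(/Z$/, "", t)
            if (length(t) == 12)
                t = ((substr(t, 1, 2) + 0 < 50) ? "20" : "19") t
            return t
        }
        NF >= 6 {
            expiry = norm($2)
            if ($1 == "R")      state = "REVOKED"
            else if ($1 == "E") state = "EXPIRED"
            else if ($1 == "V" && (expiry "") < (now "")) state = "STALE"
            else if ($1 == "V") state = "VALID"
            else                state = "UNKNOWN"
            printf "%s\t%s\t%s\t%s\n", state, $4, expiry, $6
        }' "$1"
}

# ca_index_count FILE STATE [NOW]: number of entries in the given state.
ca_index_count() {
    ca_index_report "$1" "$3" |
        awk -F '\t' -v s="$2" '$1 == s { n++ } END { print n + 0 }'
}

# Constructed sample entries (not taken from a real CA).
sample_index() {
    printf 'V\t301231235959Z\t\t01\tunknown\t/CN=www.example.test\n'
    printf 'R\t260101000000Z\t240601120000Z,keyCompromise\t02\tunknown\t/CN=old.example.test\n'
    printf 'V\t230101000000Z\t\t03\tunknown\t/CN=*.example.test\n'
}

# Demo on the constructed sample with a fixed reference time.
sample_index | ca_index_report - 20250101000000
```

Against a real tree, run `ca_index_report misc/index.txt` from the directory that holds asyd-ca.pl.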

Subcommands

Download

  • Coming soon

Roadmap

  • Export cert (including CRL) to LDAP
  • Suppress openssl output when it is not useful