-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Greetings, I am looking at deploying an open source CA/PKI for a client. It would be only for internal users and systems. It would have to manage a few hundred certificates against the organization's self-signed root cert. It would be installed on a CentOS 5.x platform. I have looked at OpenCA and Dogtag. Any other packages I should look at? Does anyone have any opinions as to the pros and cons of either of these packages or thoughts/comments/experience with other similar packages? I would especially be interested in your experience with building / installing the package and your opinion of the documentation available. TIA for your help! Jon Kibler - -- Jon R. Kibler Chief Technical Officer Advanced Systems Engineering Technology, Inc. Charleston, SC USA o: 843-849-8214 c: 843-224-2494 s: 843-564-4224 My PGP Fingerprint is: BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkiqkSQACgkQUVxQRc85QlPlGACgoAFitZXNLnEJfxKXgah00Vi8 dl4AniBPAJ3zy6krTKkFY3JQRdHAU6b9 =PGoy -----END PGP SIGNATURE-----
On 19/08/08 19:23, Jon Kibler wrote:
I am looking at deploying an open source CA/PKI for a client. It would be only for internal users and systems. It would have to manage a few hundred certificates against the organization's self-signed root cert. It would be installed on a CentOS 5.x platform.
I have looked at OpenCA and Dogtag. Any other packages I should look at? I've used pyca on debian, however it needs a few scripts to better automate bits of key management, unfortunately I didn't get those released by my former employer (although I'm sure I could arrange it).
It's really lightweight and for the few dozen certs was easy for the sysadmins to self-manage.
participants (2)
-
Jon Kibler -
Julien Goodwin