written in python, based on twitter bootstrap
Recently I've been working on some projects related to OpenSSL and Certification Authorities. The challenge is not related to the use of OpenSSL, which can be mastered by memorising a limited set of commands, but rather lies in the consequent use of these commands, maintaining the proper naming conventions, directory structure and options . . .
In this short how-to guide we will establish a Public Key Infrastructure based on OpenSSL. To keep things simple and straight forward we only define two levels (although many more are possible):
- A Root Certification Authority which is only used to sign certificates of subordinate intermediary Certification . . .
My notes to setup an OpenSSL Certificate Authority with CA private key stored on the Yubikey Neo with PIV applet
I'm currently looking for a way to use the Yubikey Neo as a smart card to store the private key of a Certificate Authority which can then subsequently be used to sign certificate requests. The CA is based on OpenSSL and therefore the Neo should integrate with OpenSSL as neatly as possible.
All the information you find here is . . .
something I wanted to avoid
Here we go... Several months of contemplating whether or not I'd actually start a blog or not have passed, and here we are. What held me back for so long? Many different reasons.
For starters I didn't, and still don't, think that my experiences are so extremely unique or that my insights will change your world. Also . . .