Table of Contents

ACM PKI

Project Member(s)

*Project Not Yet Picked Up*

Purpose

A private in-house certificate authority allows for the use of SSL between internal servers without the need of purchasing certificates from a public CA. Managing this CA and the resulting certificates, however, provides some problems. Such as: updating certificates when they have expired, deploying new cert versions cleanly, publishing a Certificate Revocation List for your CA, and simply keeping track of them all. While one or more custom CAs currently exists, for the wifi and VPNs for example, they are managed manually and are not centralized. This project is meant to solve this problem and improve the ACM inferstructure making it more robust and allowing for easy and clean creation, deployment, and revocation.

Software looked at so far

Foreman/Puppet

XCA

GnoMint

EJBCA

Concepts

Resources

https://wiki.archlinux.org/index.php/Create_a_Public_Key_Infrastructure_Using_the_easy-rsa_Scripts

https://wiki.samba.org/index.php/Configuring_LDAP_over_SSL_%28LDAPS%29_on_a_Samba_AD_DC

Progress

*Fill in when updates to document*