So, as part of the MySQL SSL Replication series, I decided that I’d look up some open source CA systems. Because there must be something better than running openssl –fifty –thousand –options –with –no –memory –or –chceking
I found OpenCA/OpenPKI ,which looked interesting. Except as I tried to set it up, the Ubuntu distributions were in Redhat RPMs, and after converting them they don’t appear to be actual apps. They may have been framework prereqs of the app. But the downloading screens were singularly uninformative.
I also found EJBCA, which I haven’t tried out yet. Partially because OpenCA sounded decent, and I figured I’d try that first, since EJBCA looks to be a much larger Java/jboss application, and I don’t know JBoss offhand. I’ll let you know if I get it going, otherwise I’ll do the MySQL entries with openssl.
And I meant to post this yesterday, oops.