Feedback on a Self-signed SSL CA?

Stephen Warren swarren at wwwdotorg.org
Mon Jun 13 11:05:33 MDT 2022


On 6/11/22 11:18, Sean Reifschneider wrote:
> At work we use self-signed certificates for internal and developer use.  
> I inherited some scripts that wrapped the openssl CLI but weren't 
> supporting new uses like the prevalence of Subject Alternatives Names.
> 
> So I reimagined it and have published what I have so far here: 
> https://github.com/linsomniac/rgca <https://github.com/linsomniac/rgca>
...
> Looking for feedback on the direction this is going in.

I've always used easy-rsa for this. Does it support your use-case? It's 
possible it would benefit from some wrapper scripts to provide common 
options or make the interface friendlier, and I haven't used SANs with 
it, since I switched to Letsencrypt before needing SANs.

https://github.com/OpenVPN/easy-rsa


More information about the NCLUG mailing list