On 03/05/18 06:34, Nicolas Kovacs wrote:
Le 05/03/2018 à 13:30, Nux! a écrit :
You could probably just drop your CA cert in the filesystem and run a couple of commands to get it imported, rather than having to import the CA in the browsers individually. You could probably deliver it via yum/rpm or better yet, ansible or even some shell script.
I will have to use this in environments with mainly Windows, OS X and iOS clients. I'm still thinking about how to do this, but I guess I'll just setup a local web page on the server, with a link to download the certificate file and short instructions on how to install it on the most common browsers (Internet Explorer, Edge, Firefox, Chrome, Safari, ...).
Sorry, I missed the beginning of this thread. This sounds to me like running one's own Certification Authority. I did that a while ago for over a decade. However, these days one may consider
- you will have to run web server to have certificate signed by them, but pointing other services to use that same certificate/secret key pair will work.
Just my $0.02
Valeri
Niki