On 03/05/18 06:34, Nicolas Kovacs wrote: > Le 05/03/2018 à 13:30, Nux! a écrit : >> You could probably just drop your CA cert in the filesystem and run a >> couple of commands to get it imported, rather than having to import >> the CA in the browsers individually. You could probably deliver it >> via yum/rpm or better yet, ansible or even some shell script. > > I will have to use this in environments with mainly Windows, OS X and > iOS clients. I'm still thinking about how to do this, but I guess I'll > just setup a local web page on the server, with a link to download the > certificate file and short instructions on how to install it on the most > common browsers (Internet Explorer, Edge, Firefox, Chrome, Safari, ...). Sorry, I missed the beginning of this thread. This sounds to me like running one's own Certification Authority. I did that a while ago for over a decade. However, these days one may consider https://letsencrypt.org/ - you will have to run web server to have certificate signed by them, but pointing other services to use that same certificate/secret key pair will work. Just my $0.02 Valeri > > Niki > -- ++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++