Comment on Do you run a private CA? Could you tell me about your certificate setup if you do?
freeman@lemmy.pub 6 months ago
I run easy-rsa on a linux box. Just manually generate CSR’s and sign them via SSH.
And simply trust the CA cert in windows, linux and whatever extra places (normally firefox cert store).
Post the crl.pem to /var/www/html/ and let NGINX use that.
MigratingtoLemmy@lemmy.world 6 months ago
Could you tell me what you mean by “signing with SSH”?
freeman@lemmy.pub 6 months ago
Copy them to the box. Sign them. Copy the cert file off the box back to the requester.