Comment on Do you run a private CA? Could you tell me about your certificate setup if you do?
freeman@lemmy.pub 1 year ago
I run easy-rsa on a linux box. Just manually generate CSR’s and sign them via SSH.
And simply trust the CA cert in windows, linux and whatever extra places (normally firefox cert store).
Post the crl.pem to /var/www/html/ and let NGINX use that.
MigratingtoLemmy@lemmy.world 1 year ago
Could you tell me what you mean by “signing with SSH”?
freeman@lemmy.pub 1 year ago
Copy them to the box. Sign them. Copy the cert file off the box back to the requester.