Hi all,
I'm currently starting to create a PKI and want to have one root ca (level
0) and several intermediate certificates (level 1) below the CA. Currently
the sample setup of openxpki creates one root CA and one intermediate CA
(openxpki calls it *signer*) which actually signs all the certificates you
create.
Since we have a lot of subjects (different vpns, ssl certificates
(webserver and user)) to cover I thought about creating an intermediate CA
for each subject to have it separated.
The question now is: How could I solve this with Openxpki?
Currently I can't see an option for using multiple signer certs within one
realm (At first I thought one realm=one CA). The only way I can think of to
achieve this is to create one realm for each intermediate CA and create for
everey realm one token which links to the actual one and only root ca token
imported first.
Is this a way to go or maybe the intended way of handling multiple
intermediate CAs?
Any insights are appreciated!
Regards
Thomas
------------------------------------------------------------------------------
Start Your Social Network Today - Download eXo Platform
Build your Enterprise Intranet with eXo Platform Software
Java Based Open Source Intranet - Social, Extensible, Cloud Ready
Get Started Now And Turn Your Intranet Into A Collaboration Platform
http://p.sf.net/sfu/ExoPlatform
_______________________________________________
OpenXPKI-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openxpki-users
