easy-rsa
certify
Our great sponsors
| easy-rsa | certify | |
|---|---|---|
| 26 | 41 | |
| 3,881 | 1,448 | |
| 1.2% | 1.0% | |
| 9.4 | 9.7 | |
| 4 days ago | 8 days ago | |
| Shell | C# | |
| GNU General Public License v3.0 or later | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
easy-rsa
-
Running one’s own root Certificate Authority in 2023
Easy-rsa to the rescue. Been using it for a while, works great and makes life easier :)
Link: https://github.com/OpenVPN/easy-rsa
Summary from that page:
easy-rsa is a CLI utility to build and manage a PKI CA. In laymen's terms, this means to create a root certificate authority, and request and sign certificates, including intermediate CAs and certificate revocation lists (CRL).
-
How to invalidate the usage of a OpenVpn client without revoke it in the CA Server?
No, OpenVPN relies on the CA trust model. Anyone signed by the CA has access, unless they have been revoked (CRL): https://github.com/OpenVPN/easy-rsa/blob/master/doc/EasyRSA-Renew-and-Revoke.md
-
Best OpenVPN web UI for a small business
Then make do with the CLI. There might be some tooling to help you, e.g. https://github.com/OpenVPN/easy-rsa
-
AMA/Brown Bag: OpenVPN / EasyRSA
Hey folks. I'm one of the authors for Mastering OpenVPN, the author of Troubleshooting OpenVPN, and the maintainer of EasyRSA. In light of Apollo and other 3rd party apps going dark on the 30th, I figured I'd "turn in my notice" on Reddit and do the normal sysadmin data dump/brown bag before I'm gone. I've really enjoyed this group and hope things get sorted in the long run.
-
PFSense Tutorial - Self signing of SSL/TLS Certificate (cause not all have the money to buy one) - https://youtu.be/aj5FUFMn9f0
Correct. That applies to OpenVPN. There's a tool that OpenRSA maintains that help with creating those certificates, EasyRSA: https://github.com/OpenVPN/easy-rsa
-
Invalid Security Certificate Warnings are ANNOYING
Regarding the keys, csr and certificates it's pretty easy to manage them with easy-rsa (https://github.com/OpenVPN/easy-rsa)
-
How to import server or client certificate on AWS Certificate Manager (ACM)
$ git clone https://github.com/OpenVPN/easy-rsa.git
-
How to manage lots of self-signed certificates
Depending on your use case, either https://github.com/FiloSottile/mkcert or https://github.com/OpenVPN/easy-rsa
-
Totally local web server on HTTPS.
If you can add CAs to the hosts that will access this server, you can be your own certificate authority. mkcert is good, as mentioned elsewhere, or you can go all out: https://github.com/OpenVPN/easy-rsa
- Private CA management
certify
-
Seeking Guidance: SSL Certification for a Local Server in Windows 2019 Data Center Environment
Option 2+: If your public DNS is hosted by a provider that has Win-ACME or Certify the Web support, use Let's Encrypt and automate the whole thing.
- Renew SSL Exchange 2016 - cmdlet
-
Google Pushing For 90 Day SSL/TLS Certificates - Time For Automation
I use certify the web for the rd gateway
-
How will you handle 90 day SSL expiration?
For Exchange and Remote Desktop Service we are using Certify The Web with Lets Encrypt. Works really well.
-
SSL Certificates, who's responsibility to maintain on server?
Certify the Web: https://certifytheweb.com/
- LDAPS Certificate auto-renews but not to NTDS Personal Store
-
Is open source really a gimmick these days for getting initial traction?
https://certifytheweb.com Felt like a complete bait-and-switch to me.
- Exchange 2019 Hybrid Certificate Renewal
-
DigiCert Certificate Management
If you're managing Windows Servers and need certificates on them, ditch what you're doing and get this: https://certifytheweb.com
-
Ask HN: What are your “scratch own itch” projects?
It's worth doing! A few projects I've done:
I once needed a database of EV charging locations, but at the time(2011) there were no open databases, so I built https://openchargemap.org, that now serves millions of API queries per month for other apps and services
For another project, I recently wanted to control my guitar amp (a Positive Grid Spark) from my computer instead of using a mobile app, so I built https://soundshed.com which is both a bluetooth web app and an electron app you can install. It now has a few thousand users :)
And finally, another time I had some SSL certificates I needed to manage for another project (for the above mentioned https://openchargemap.org), so I built a GUI to manage and renew certificates on Windows. It's now a commercial app with hundreds of thousands of users and it's my full time job: https://certifytheweb.com
So yeah, worth doing!
What are some alternatives?
OpenSSL - TLS/SSL and crypto library
win-acme - A simple ACME client for Windows (for use with Let's Encrypt et al.)
cfssl - CFSSL: Cloudflare's PKI and TLS toolkit
Nginx Proxy Manager - Docker container for managing Nginx proxy hosts with a simple, powerful interface
FreeIPA - Mirror of FreeIPA, an integrated security information management solution
Posh-ACME - PowerShell module and ACME client to create certificates from Let's Encrypt (or other ACME CA)
LetsEncrypt-PRTG - Post request script to install an SSL certificate obtained with Certify the Web or win-acme in PRTG.
BounCA - BounCA is a web tool to generate self-signed SSL certificates and setup a key infrastructure
acme.sh - A pure Unix shell script implementing ACME client protocol
certificates - 🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.