Have you ever wanted to create your own PKI (Public Key Infrastructure), including Root-CA and several Intermediate CAs, a working OCSP-Responder and a client certificate generator?

You don't want to dig too deep into the details of OpenSSL, instead just start setting up your PKI running a couple of scripts?

How to get the module

Use my ready-to-run batch scripts in order to create your own PKI (Public Key Infrastructure) including

  • Creation of Root-CA (issues the Intermediate CA)
  • Creation of several Intermediate-CAs (issues server/client/OCSP certificates)
  • Running an OCSP-Responder (Incl. checking the validity of certificates)
  • Issuing Server/Client certificates
  • Converting certificates from PEM to CRT format
  • Revoking certificates using an OCSP responder or a CRL (Certificate Revocation List)
  • Creating #PKCS12 keystores including certificates and the entire trust of chain

Your Intermediate CA is capable to issue as many client certificates as desired. Of course you can create several Intermediate CAs in order to structure your PKI!

Please make sure to keep your private keys (Especially Root-CA and Intermediate CAs) top-secret.

How to create your own PKI

  1. First of all, you need to install OpenSSL. Fetch it for UNIX (Official OpenSSL.org) or for Windows (Win32/64 OpenSSL)
  2. After installing the tool, add the OpenSSL binary to your PATH variable
  3. Run the batch scripts from the repository


See also

  • RDC (Remote Desktop Connection)
    How to to install a SSL certificate on Windows Server 2016

    If you always feel annoyed of clicking and accepting an unknown or at least untrusted SLL certificate on a RDP (Remote Desktop Protocol) connection negotiation, you can provide a SSL certificate at this place. This can either be a purchased one for your public domain or just a common, locally-used certificate.

    This guide shows how to put your certificate to a Microsoft Windows Server 2016 Standard (Build 14393) RDP connection.

  • Indikatorenverlauf
    Masterarbeit: Berechnung von Qualitätsindikatoren

    Meine Studienlaufbahn und somit auch das Masterstudium der Fachrichtung Medizininformatik an der OTH Regensburg wird mit der Masterarbeit abgeschlossen.

    Ihr Titel lautet "Entwicklung einer datenschutzkonformen Client-Server-Infrastruktur zur Berechnung von Qualitätsindikatoren der ambulanten Versorgung in heterogenen Praxisnetzen".

    Die in diesem Rahmen entwickelte Software bietet niedergelassenen Haus- und Fachärzten die Möglichkeit, die Versorgung ihrer Patienten durch die Analyse von Qualitätsindikatoren zu verbessern.

Cookies make it easier for us to provide you with our services. With the usage of our services you permit us to use cookies.