github-personal/labca
1
0
Fork 0
mirror of https://github.com/outbackdingo/labca.git synced 2026-01-27 10:19:34 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
6d72d323985d559ff3b4ff8f3fbf8a8993aaa32e
labca/gui/static/certs/index.html
Arjan H 6d72d32398 Use ceremony tool for generating keys and certs; store keys on SoftHSM 
Replace openssl certificate / CRL generation with the tool as used by
Let's Encrypt, storing the keys on SoftHSMv2, a simulated HSM (Hardware
Security Module).
Include migration of old setups where key files were also stored on
disk.
2025-01-31 20:44:48 +01:00

109 lines
5.0 KiB
HTML
Raw Blame History

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="description" content="LabCA is a private Certificate Authority for internal (intranet) use, based on the open source ACME Automated Certificate Management Environment implementation from Let's Encrypt (tm).">
<meta name="keywords" content="LabCA PKI CA Certificate Authority ACME Boulder">
<meta name="author" content="Arjan Hakkesteegt">
<title>Certificates | LabCA</title>
<link href="../css/bootstrap.min.css" rel="stylesheet">
<link href="../css/sb-admin-2.min.css" rel="stylesheet">
<link href="../css/font-awesome.min.css" rel="stylesheet" type="text/css">
<link href="../css/labca.css" rel="stylesheet">
<link rel="icon" type="image/png" href="../img/fav-public.png">
</head>
<body>
<div id="wrapper">
<nav class="navbar navbar-default navbar-static-top" role="navigation" style="margin-bottom: 0">
<div class="navbar-header">
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand" href="/"><!-- BEGIN WEBTITLE -->LabCA<!-- END WEBTITLE --></a>
</div>
<ul class="nav navbar-top-links navbar-right">
<li title="Login to Admin Area"><a href="/admin/"><i class="fa fa-user fa-fw admin-login"></i></a>
</li>
</ul>
<div class="navbar-default sidebar" role="navigation">
<div class="sidebar-nav navbar-collapse">
<ul class="nav" id="side-menu">
<li><a class="public" href="/"><i class="fa fa-home fa-fw"></i> Home</a>
</li>
<li><a class="public" href="/certs/index.html"><i class="fa fa-download fa-fw"></i> Certificates</a>
</li>
<li><a class="public" href="/cps/index.html" title="Certification Practice Statement"><i class="fa fa-book fa-fw"></i> CPS</a>
</li>
<li><a class="public" href="/terms/v1" title="Usage Terms"><i class="fa fa-edit fa-fw"></i> Terms</a>
</li>
</ul>
</div>
</div>
</nav>
<div id="page-wrapper">
<div class="row">
<div class="col-lg-12">
<h1 class="page-header">PKI Certificates</h1>
<p>These are the Certification Authorities for this PKI (Public Key Infrastructure) instance:</p>
<table class="table table-striped table-bordered">
<thead><tr>
<th>CA Type</th>
<th>Distinguished Name</th>
<th>Certificate File</th>
<th>Validity Period</th>
<th>CRL</th>
<th>CRL Validity</th>
</tr></thead>
<tbody>
<tr>
<td>Root CA</td>
<td><!-- BEGIN PKI_ROOT_DN -->PKI_ROOT_DN<!-- END PKI_ROOT_DN --></td>
<td><!-- BEGIN PKI_ROOT_LINK --><a class="public" href="root-01-cert.pem">root-01-cert.pem</a><!-- END PKI_ROOT_LINK --></td>
<td><!-- BEGIN PKI_ROOT_VALIDITY -->PKI_ROOT_VALIDITY<!-- END PKI_ROOT_VALIDITY --></td>
<td><!-- BEGIN PKI_ROOT_CRL_LINK --><!-- END PKI_ROOT_CRL_LINK --></td>
<td><!-- BEGIN PKI_ROOT_CRL_VALIDITY --><!-- END PKI_ROOT_CRL_VALIDITY --></td>
</tr>
<tr>
<td>Issuing CA</td>
<td><!-- BEGIN PKI_INT_DN -->PKI_INT_DN<!-- END PKI_INT_DN --></td>
<td><!-- BEGIN PKI_INT_LINK --><a class="public" href="issuer-01-cert.pem">issuer-01-cert.pem</a><!-- END PKI_INT_LINK --></td>
<td><!-- BEGIN PKI_INT_VALIDITY -->PKI_INT_VALIDITY<!-- END PKI_INT_VALIDITY --></td>
<td><!-- BEGIN PKI_INT_CRL_LINK --><!-- END PKI_INT_CRL_LINK --></td>
<td><!-- BEGIN PKI_INT_CRL_VALIDITY --><!-- END PKI_INT_CRL_VALIDITY --></td>
</tr>
</tbody>
</table>
<p>
To trust the certificates provided by <!-- BEGIN WEBTITLE -->LabCA<!-- END WEBTITLE -->, all your client devices
should install the root certificate in their <b>Trusted Root Certification Authorities</b> store.
</p>
<p>
The CRL (Certificate Revocation List) is a type of blocklist that includes certificates that should no longer be
trusted (have been revoked before their expiration date) and is used by various endpoints, including web browsers.
The issuer CRL is refreshed on a regular basis.
</p>
</div>
</div>
</div>
</div>
<script src="../js/jquery.min.js"></script>
<script src="../js/bootstrap.min.js"></script>
<script src="../js/metisMenu.min.js"></script>
<script src="../js/sb-admin-2.min.js"></script>
<script src="../js/labca.js"></script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink