This program (based on the answers received to a StackExchange question) allows you to easily set up an internal SSL certificate authority.
By using a single root
certificate, it is possible to configure the client to consider such certificate, plus all the "sub/derived certificates", valid.
In this way, it is possible to configure the client to accept a single certificate.
Implicitly, each derived certificate will be considered valid by the client, without further configuration.
Configuration is accomplished by customizing the relative section on the generatekey.sh
file.
Two steps are involved.
Each certificate will be stored in the certs
folder.
Before generating the SSL certificates for adopted services, it is required to generate the root certificate.
sh generatekey.sh --root
Hence, it is possible to generate a certificate samplecertificate
for a domain example.com
by using the following command.
sh generatekey.sh samplecertificate example.com
In general, you can follow the relative guide on Kerio, covering root certificates import on various operating systems.
You can find me on Twitter as @auino.