This program (based on the answers received to a StackExchange question) allows you to easily set up an internal SSL certificate authority.

By using a single root certificate, it is possible to configure the client to consider such certificate, plus all the "sub/derived certificates", valid. In this way, it is possible to configure the client to accept a single certificate. Implicitly, each derived certificate will be considered valid by the client, without further configuration.

Configuration is accomplished by customizing the relative section on the generatekey.sh file.

Two steps are involved.

Each certificate will be stored in the certs folder.

Before generating the SSL certificates for adopted services, it is required to generate the root certificate.

sh generatekey.sh --root

Hence, it is possible to generate a certificate samplecertificate for a domain example.com by using the following command.

sh generatekey.sh samplecertificate example.com

In general, you can follow the relative guide on Kerio, covering root certificates import on various operating systems.

You can find me on Twitter as @auino.