Skip to content

Create new organisation

Jump to bottom Edit New page
vmlintu edited this page Nov 25, 2010 · 1 revision

After initial setup Puavo-CA does is not configured to sign any organisation certificates. Puavo supports multiple organisations that need to be configured separately. Organisation CAs are always signed by the root CA and they are named as subdomains of the root CA.

In this example we configure the following CAs:

orgx.example.org
orgy.example.org
orgz.example.org

The organisation names should be written in file /etc/puavo-ca/example.org/organisations/LIST:

orgx
orgy
orgz

The names should be written in all lowercase and contain only ascii characters (a-z).

A makefile exists in the same directory and running make creates the required files and sets the permissions:

cd /etc/puavo-ca/example.org/organisations/LIST
make

This creates the following files:

ca.orgx.example.org-bundle.pem
ca.orgx.example.org.crt
ca.orgx.example.org.key
ca.orgy.example.org-bundle.pem
ca.orgy.example.org.crt
ca.orgy.example.org.key
ca.orgz.example.org-bundle.pem
ca.orgz.example.org.crt
ca.orgz.example.org.key

New organisations can be added to the LIST file at any time and after running make the organisations are configured.

Add a custom footer
Add a custom sidebar
Clone this wiki locally