Submit signing request
{% set s = authority.certificate.subject %}
To submit new certificate signing request:
export CN=$(hostname)
openssl genrsa -out $CN.key 4096
openssl req -new -sha256 -key $CN.key -out $CN.csr -subj "{% if s.C %}/C={{ s.C}}{% endif %}{% if s.ST %}/ST={{ s.ST}}{% endif %}{% if s.L %}/L={{s.L}}{% endif %}{% if s.O %}/O={{ s.O}}{% endif %}{% if s.OU %}/OU={{ s.OU}}{% endif %}/CN=$CN"
curl -H "Content-Type: application/pkcs10" -X POST -d "$(cat $CN.csr)" {{ request.url }}/request/
After signing the request
curl -f {{ request.url }}/signed/$CN > $CN.crt
Pending requests
{% for j in authority.get_requests() %}
-
{% include 'iconmonstr-time-13-icon.svg' %}
{{ j.get_dn() }}
{{ j.get_pubkey_fingerprint().upper() }}
Fetch
{{ j.key_length() }}-bit {{ j.key_type() }}
{% endfor %}
Signed certificates
{% for j in authority.get_signed() | sort | reverse %}
-
{% include 'iconmonstr-certificate-15-icon.svg' %}
{{ j.serial}} {{ j.get_dn() }}
{{ j.get_pubkey_fingerprint() }}
{{ j.key_length() }}-bit {{ j.key_type() }}
Fetch
{% for key, value in j.get_extensions() %}
{{key}}={{value}},
{% endfor %}
{% endfor %}
Revoked certificates
{% for serial, reason, timestamp in authority.get_revoked() %}
- {{ serial}} {{ reason }} {{ timestamp}}
{% endfor %}