Submit signing request
{% set s = authority.certificate.subject %}
Assuming you have Certidude installed
certidude setup client {{request.url}}
To set up OpenVPN server
certidude setup openvpn server {{request.url}}
Or to set up OpenVPN client
certidude setup openvpn client {{request.url}}
Pending requests
{% for j in authority.get_requests() %}
-
Fetch
{% if j.signable %}
{% else %}
{% endif %}
{% include 'iconmonstr-certificate-15-icon.svg' %}
{{j.distinguished_name}}
{% if j.email_address %}
{% include 'iconmonstr-email-2-icon.svg' %} {{ j.email_address }}
{% endif %}
{% include 'iconmonstr-key-2-icon.svg' %}
{{ j.fingerprint() }}
{{ j.key_length }}-bit
{{ j.key_type }}
{% set key_usage = j.key_usage %}
{% if key_usage %}
{% include 'iconmonstr-flag-3-icon.svg' %}
{{j.key_usage}}
{% endif %}
{% else %}
- Great job! No certificate signing requests to sign.
{% endfor %}
Signed certificates
You can fetch a certificate by common name signing the request
curl -f {{request.url}}/signed/$CN > $CN.crt
{% for j in authority.get_signed() | sort | reverse %}
-
Fetch
{% include 'iconmonstr-certificate-15-icon.svg' %}
{{j.distinguished_name}}
{% if j.email_address %}
{% include 'iconmonstr-email-2-icon.svg' %} {{ j.email_address }}
{% endif %}
{% include 'iconmonstr-key-2-icon.svg' %}
{{ j.fingerprint() }}
{{ j.key_length }}-bit
{{ j.key_type }}
{% include 'iconmonstr-flag-3-icon.svg' %}
{{j.key_usage}}
{% endfor %}
Revoked certificates
To fetch certificate revocation list:
curl {{request.url}}/revoked/ | openssl crl -text -noout
{% for j in authority.get_revoked() %}
-
{{j.changed}}
{{j.serial_number}} {{j.distinguished_name}}
{% else %}
- Great job! No certificate signing requests to sign.
{% endfor %}