> Hi, all. > > Is there any support for using gpgsm as a certificate authority?
Hi, FWIW I have put up a guide recently on how I achieved this with gpgsm + an OpenPGP card for private key handling. You can drop the card thing if you don't intend using and keep the private key instead. https://github.com/jymigeon/gpgsm-as-ca It is still a bit rough, I expect to expand it a bit in a few days. All certificates I issue through this method work with the openssl stacks we have around, so it is working from my PoV. Did not investigate how to handle the CRL part though, and the X.509 extensions need a bit more work to be user-friendly, but you can safely figure this out via openssl asn1parse. -- Jean-Yves Migeon _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
