Yes, if you are familiar with Perl it should be no issue. I got the Docker version working with the demo script and started understanding how it works. I would recommend to start that route. Also, you need pretty good knowledge on setting up multi-level CAs with OpenSSL first if you really want to setup a system like this more formally. You will most likely want an off-line root CA that issues the first few component you need to initialize OpenXPKI.
If you want a CA, on the other hand I would recommend you use the methods described in this book: https://www.feistyduck.com/books/openssl-cookbook/ Read the complete book and you will have a recipe to create your own command line CA which is pretty decent. A PKI like OpenXPKI build on top of that to make it on-line and easier to manage but essentially you could use OpenSSL and run your CA off a secure SD card if you wanted to. In any case even before attempting to get a PKI running you need solid OpenSSL concepts and the use of templates to understand if you need or want to separate things like signing certificates from encryption certificates or server certs for TLS and HTTPS. There are many applications for asymmetric cryptography and you need to have all the concepts pretty well mastered, and justify a need for a PKI. Generally, a full featured CA like the ones you can create with OpenSSL will be sufficient for most needs. When you want a PKI is for example if you want an on-line and automated certificate signing entity via SCEP and well defined workflows, then you probably want something like OpenXPKI. Best, -- Alex On Fri, Feb 26, 2021 at 12:18 PM Carlos Velasco < [email protected]> wrote: > Hello, > > I'm working in my final graduate project and I was thinking of > incorporating a CA into it for some things, and then I saw OpenXPKI. > > Question: Can it be installed from source? > I see debian packages in the docs, but currently the server is not debian > and adding another server (physical/virtual) to the project is not an > option at this point. > > Regards, > Carlos Velasco > > _______________________________________________ > OpenXPKI-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/openxpki-users >
_______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users
