Oh no step-ca what are you doing?
Sorry i had to do this
Joking aside I recommend setting up internal CA with easyrsa project from OpenVPN github repository
this post was submitted on 28 Oct 2023
3 points (100.0% liked)
Homelab
977 readers
1 users here now
Rules
- Be Civil.
- Post about your homelab, discussion of your homelab, questions you may have, or general discussion about transition your skill from the homelab to the workplace.
- No memes or potato images.
- We love detailed homelab builds, especially network diagrams!
- Report any posts that you feel should be brought to our attention.
- Please no shitposting or blogspam.
- No Referral Linking.
- Keep piracy discussion off of this community
founded 2 years ago
MODERATORS
The power of step-ca is that it supports lots of protocols for automation keys/certificates issuing, renewing, or rekeying.
You'll still most probably want to use OpenSSL to generate your chain. step-ca seems to be unnecessary work/step for your case.
By the way, the only "service" in my setup that doesn't support TLS automation is my remote UPS management card. Even though I think I might be able to hack it. ๐ The rest is perfectly automatable. ๐
So far youre the only one who fully read/understood my question. The rest mostly just recommend what they use. Which is also fine, yet these not answer the issue. Thank you!
I've been using step-ca for about 3 years in my lab, it's great, especially for services that support ACME (Proxmox, Caddy, etc.).