Manage certificates by XCA on Ubuntu.


testca0

- Installation:


# sudo apt-get install xca
# xca &


- Create a new CA named XCA:


Click an image to zoom in.

testca_xca0

testca_xca1

testca_xca2

testca_xca2

testca_xca2


- Export a CA certificate in PEM-encoding:


Click an image to zoom in.

testca14




- Create and export a new certificate for gateway1.example.com(FQDN):


  1. Create a certificate and a private key for gateway1.example.com.

  2. Click an image to zoom in.

    testca3

    testca4

    testca5


  3. Export the gateway1's certificate and private key and the CA's certificate to a PKCS#12 file.

    - File name: gateway1.example.com.p12
    - Export password: himitsu

  4. Click an image to zoom in.

    testca7

    testca8





- Create and export a new certificate for remotehost1@sales.example.com(FQDN):




  1. Create a new certificate and a new private key for remotehost1@sales.example.com.

    Select Create Key and Certificate (Client).

  2. Click an image to zoom in.

    testca9
    Actually, Rockhopper doesn't distinguish types of certificate usage, so you can create a certificate for this node as a server certificate.

    testca10

    testca11


  3. Export the remotehost1's certificate and private key and the CA's certificate to a PKCS#12 file.

    - File name: remotehost1.p12
    - Export password: naisho

  4. Click an image to zoom in.

    testca12

    testca13





- Revoke a certificate for remotehost1@sales.example.com and export a CRL file:


  1. Revoke a certificate for remotehost1.

    Select remotehost1.

  2. Click an image to zoom in.

    testca22


    testca23


  3. Export a new CRL(Certificate Revocation List) file in PEM-encoding.

  4. Click an image to zoom in.

    testca24

    testca25

    testca25


Back to Top