Manage certificates by XCA on Ubuntu.


testca0

- Installation:


# sudo apt-get install xca
# xca &


- Create a new CA named XCA:


Click an image to zoom in.

testca_xca0

testca_xca1

testca_xca2

testca_xca2

testca_xca2


- Export a CA certificate in PEM-encoding:


Click an image to zoom in.

testca14



- Create and export a new certificate for gateway1.example.com(FQDN):


  1. Create a certificate and a private key for gateway1.example.com.

    2. Click an image to zoom in.

    testca3

    testca4

    testca5


  2. Export the gateway1's certificate and private key and the CA's certificate to a PKCS#12 file.

    - File name: gateway1.example.com.p12
    - Export password: himitsu

    3. Click an image to zoom in.

    testca7

    testca8




- Create and export a new certificate for remotehost1@sales.example.com(FQDN):




  1. Create a new certificate and a new private key for remotehost1@sales.example.com.

    Select Create Key and Certificate (Client).

    2. Click an image to zoom in.

    testca9
    Actually, Rockhopper doesn't distinguish types of certificate usage, so you can create a certificate for this node as a server certificate.

    testca10

    testca11


  2. Export the remotehost1's certificate and private key and the CA's certificate to a PKCS#12 file.

    - File name: remotehost1.p12
    - Export password: naisho

    3. Click an image to zoom in.

    testca12

    testca13




- Revoke a certificate for remotehost1@sales.example.com and export a CRL file:


  1. Revoke a certificate for remotehost1.

    Select remotehost1.

    2. Click an image to zoom in.

    testca22


    testca23


  2. Export a new CRL(Certificate Revocation List) file in PEM-encoding.

    3. Click an image to zoom in.

    testca24

    testca25

    testca25


Back to Top