Hallo,
I try to setup a set of SSL keys for my private usage. I do not want to have the keys signed by an authority. So, I tried the Yast2 CA Management module. It seems impressive, but I have a lot of questions. I searched the opensuse site and found no info/howtos. The SLES documentation actually is a manual of the module. What I need is a ‘practical’ guide. For example, how do we use the generated keys with Apache, Postfix, Dovecot etc?
Does anyone has a relevant link?
Let’s try something else.
I generated a CA from the CA Management module of YaST and then a SubCA. I generated a sign request for the Sub CA and then I sign it with the root CA.
Now the questions:
- YaST documentation says that the best approach is to use the Sub CA for certifications.
- Which CA should I export? Root or the SubCA?
More questions will follow.