230 likes | 450 Views
Membuat CA Sendiri. Onno W. Purbo Onno@indo.net.id. Referensi. http://www.openca.org http://www.openssl.org http://www.apache-ssl.org http://www.redhat.com. OpenCA. Fasilitas OpenCA. Certificate Authority (CA) Registration Authority (RA). Certification Authority (CA).
E N D
Membuat CA Sendiri Onno W. Purbo Onno@indo.net.id
Referensi • http://www.openca.org • http://www.openssl.org • http://www.apache-ssl.org • http://www.redhat.com
Fasilitas OpenCA • Certificate Authority (CA) • Registration Authority (RA)
Certification Authority (CA) • mengimport Requests • membuat daftar permohonan certificate • Export certificate • Archivie requests • Melihat arsip requests • Delete requests • Issue certificates • Verify RA operator identity • Export CRL
Registration Authorities (RA) • Membuat daftar permohonan yang pending/deleted/archivied • approve requests • export requests ke removable media • import new certs dari removable media • import CRLs
Misi Proyek OpenCA • Sebuah usaha kerjasama untuk membangun struktur interface berkaitan dengan masalah keamanan & administrative untuk managemen operasi digital sertifikat X.509, seperti: • Admission • Verify • Revocation • Suspension • dll.
Mailing list OpenCA • http://www.openca.org/docs/mlists.shtml • openca-users@openca.org • openca-bugs@openca.org • openca-announce@openca.org • openca-devel@openca.org
Team inti OpenCA • Massimiliano Pala (madwolf@openca.org) • Core Developer & Project Manager • Giovanni Faglioni (giova@openca.org) • Project Manager & Core Developer • Sergio Duretti (duretti@comune.mo.it) • Project Contacts Manager • Miguel Armas (kuko@openca.org) • Core Developer • Victor R. Ruiz (rvr@openca.org) • Core Developer • Simos Xenitellis (simos@openca.org) • Docs Developer
FTP sites • ftp://ftp.openca.org/ • ftp://ftp.dti.ad.jp/pub/net/OpenCA • ftp://sunsite.cnlab-switch.ch/mirror/OpenCA • ftp://ftp.pca.dfn.de/pub/pca/tools/openca/
Paket OpenCA (7 juli 2000) • OpenCA-0.2.0-4.tar.gz • Modul tambahan • OpenCA-X509-0.8.42.tar.gz • OpenCA-Tools-0.3.01.tar.gz • OpenCA-TRIStateCGI-1.2.35.tar.gz • OpenCA-SV-0.5.98.tar.gz • OpenCA-REQ-0.4.29.tar.gz • OpenCA-PKCS7-0.1.24.tar.gz • OpenCA-OpenSSL-0.5.58.tar.gz • OpenCA-DB-0.5.87.tar.gz • OpenCA-Configuration-1.3.14.tar.gz • OpenCA-CRR-0.0.2.tar.gz • OpenCA-CRL-0.5.36.tar.gz • Net-LDAPapi-1.42.tar.gz
OpenSSL • Termasuk dalam paket RedHat 7.0
Fasilitas OpenSSL • Creation of RSA, DH and DSA key parameters • Creation of X.509 certificates, CSRs and CRLs • Calculation of Message Digests • Encryption and Decryption with Ciphers • SSL/TLS Client and Server Tests • Handling of S/MIME signed or encrypted mail
Source • 2086131 Sep 24 17:46:22 2000 openssl-0.9.6.tar.gz [LATEST] • 2103482 Sep 24 18:22:33 2000 openssl-engine-0.9.6.tar.gz [LATEST]
FTP sites • ftp://ftp.openssl.org/source/ [CH] • ftp://sunsite.cnlab-switch.ch/mirror/openssl/ [CH] • ftp://ftp.funet.fi/pub/crypt/cryptography/libs/openssl/ [FI] • ftp://ftp.pca.dfn.de/pub/tools/net/openssl/ [DE] • ftp://ftp.ecrc.net/pub/security/openssl/ [DE] • ftp://ftp.uni-trier.de/pub/unix/security/openssl/ [DE] • ftp://ftp.webmonster.de/pub/openssl/ [DE] • ftp://opensores.thebunker.net/pub/mirrors/openssl/ [UK] • ftp://ftp.net.lut.ac.uk/openssl/ [UK] • ftp://ftp.mirror.ac.uk/sites/ftp.openssl.org/ [UK] • ftp://sunsite.uio.no/pub/security/openssl/ [NO] • ftp://ftp.sunet.se/pub/security/tools/net/openssl/ [SE] • ftp://ftp.chl.chalmers.se/pub/unix/security/openssl/ [SE] • ftp://ftp.psy.uq.edu.au/pub/Crypto/ [AU] • ftp://mirror.aarnet.edu.au/pub/openssl/ [AU] • ftp://gd.tuwien.ac.at/infosys/security/openssl/ [AT] • ftp://glock.missouri.edu/pub/openssl/ [US] • ftp://ftp.av8.com/pub/mirrors/openssl/ [US] • ftp://ftp.styx.net/mirrors/crypto/openssl/ [US] • ftp://gw.inetlab.com/mirrors/openssl/ [RU] • ftp://ftp.mos.net/pub/security/openssl/ [RU] • ftp://ftp.ebizlab.hit.bme.hu/pub/openssl/ [HU] • ftp://ftp.kfki.hu/pub/packages/security/openssl/ [HU] • ftp://guest.kuria.katowice.pl/pub/openssl/ [PL] • ftp://ftp.win.ne.jp/pub/network/security/openssl/ [JP] • ftp://ftp.infoscience.co.jp/pub/Crypto/SSL/openssl/ [JP] • ftp://ftp.happysize.co.jp/mirror/openssl/ [JP] • ftp://ftp.ncu.edu.tw/Unix/Crypto/OpenSSL/ [TW] • ftp://ftp.mit.com.tw/pub/SSL/openssl/ [TW] • ftp://ftp.elab.co.za/support/openssl/source/ [ZA] • ftp://ftp.fisek.com.tr/pub/openssl/ [TR] • ftp://ftp.fi.muni.cz/pub/openssl/ [CZ] • ftp://ftp.sunsite.utk.edu/pub/openssl/ [US] • ftp://ftp.gm.is/pub/openssl/ [IS] • ftp://ftp.directnet.ru/pub/openssl/ [RU] • ftp://ftp.linux.hr/pub/openssl/ [HR] • ftp://ftp.1stnet.co.uk/pub/mirrors/openssl/ [UK] • ftp://mirror.aarnet.edu.au/pub/openssl/ [AU] • ftp://storm.alert.sk/mirrors/openssl/ [SK] • ftp://ftp.openssl.uli.it/ [IT] • ftp://ftp.grmbl.com/pub/openssl/ [BE] • ftp://ftp.gin.cz/pub/MIRRORS/ftp.openssl.org/ [CZ] • ftp://ftp.calyx.nl/pub/openssl/ [NL] • ftp://ftp.duth.gr/pub/OpenSSL/ [GR] • ftp://ftp.linux.gr/pub/crypto/openssl/ [GR] • ftp://ftp.si.uniovi.es/mirror/OpenSSL/ [ES]