ref: 8d6f421fbd4ea6b5ac74c4add9e8321b9c370982 hosaka-pki/README.md -rw-r--r-- 916 bytes
8d6f421f — poptart Updated to begin adding the interactive functions 1 year, 7 months ago


A set of shell scripts for configuring multiple kinds of common PKI systems in a functional manner. Currently the config supports:

  • SSL/TLS via the openssl(1) command
  • SSH via OpenSSH > 8.0

The goals are to attempt to shorten the nightmare of remember a ton of PKI commands and to encourage secure defaults. New versions never have guarentees about compatability.

Fundamentally this project is a thin wrapper around openssl commands in order to try and alieviate some of the UX nightmare that they are.


hosaka-pki tls ca
hosaka-pki tls server ashpool /etc/ssl/
hosaka-pki tls info
hosaka-pki tls sign /etc/hosaka/pki/ssl/intermediate/csr/ashpool.csr.pem
hosaka-pki tls sign ashpool
hosaka-pki tls check


hosaka-pki ssh ca
hosaka-pki ssh server ashpool poptart,users
hosaka-pki ssh info
hosaka-pki ssh sign ./ahspool.pub