I have a cluster of ~10 hosts, all using X.509 certs for authentication and encryption. I have created my own CA root and intermediate signing certs on an isolated, dedicated CA workstation. I want to deploy the CA certificate as a trusted root across all devices. Then I will generate and sign certs for each device and deploy them across the cluster. Is there a standard configuration model for doing this? I notice that there is an /etc/ssl and /etc/pki directory tree on my CentOS devices. How are these typically used?
- Reuben
Standard method for storing PKI keys and certs?
Re: Standard method for storing PKI keys and certs?
Maybe You will find some useful info here: https://access.redhat.com/documentation ... ent_guide/