top | item 37538577

(no title)

I eventually need to publish an article about how to run an HSM backed root CA on the cheap with m of n auth.

Using nitrokey and some glue scripts you can get the cost below $500. If anyone is interested, let me know.

discuss

dmayle|2 years ago

I've just started down that route. I've got the nitro key hsm2 in the mail, have heard the advice on using two levels (first root in the Key, and intermediary on the Device for easier revoking). I mainly want to issue client certificates so that I can expose internal sites on the public Internet via proxy without having to require a VPN for all of my users, though I'm also interested in certificate based SSH

n0n|2 years ago

Yes, please! I would be interested. Currently i'm fiddling around with vault as an ICA, so this sounds like a good next step

Lienetic|2 years ago

+1 sounds like an interesting read

processunknown|2 years ago

Please do

temren|2 years ago

an article like that would be great!