GnoMint

gnoMint is a free software tool for managing X.509 certification authorities (CAs). Its purpose is to offer an easy-to-use interface for creating certification authorities and all related elements, including X.509 digital certificates, certificate signing requests (CSRs) and certificate revocation lists (CRLs).


Features

gnoMint has the following features:

* All the infrastructure needed to keep and run a certification authority is saved in only one file.
* It can create certificate signing requests and export them to PKCS#8 files, so they can be sent to other CAs.
* It allows the creation of X.509 certificates with a usual set of subject parameters.
* It can export certificates and private keys to PEM files, so they can be used by external applications. It can also export PKCS#12 structures, so the certificates can be imported easily by web and mail clients.
* The user can establish a set of policies for certificate generation in each of the existing CAs.
* gnoMint can import CSRs made by other applications.
* Certificates can be revoked, with generation of the corresponding CRLs.
* The CA private key, or other private keys, can be kept in external files or devices (such as USB drives).
* gnoMint can manage a whole hierarchy of CAs simultaneously, with their respective certificates.
* Pre-existing certification authorities made by other applications, such as OpenSSL or TinyCA, can be imported with all their data.
* It has a CLI intended for batch certificate creation or integration with other utilities.


Licence and motivation

gnoMint is licensed under the GNU General Public License. It is intended to help systems and network administrators deploy a certification authority very easily. Its development was started due to the lack of 'just-works' CA software. According to gnoMint's author, "creating a CA from zero, through open-source command-line utilities, was possible, but was uncomfortable to remember all the necessary parameters. And you had to create a difficult configuration file."


See also

* Open Source implementations




External links

* Official website: http://gnomint.sf.net