#275 New Demo CA and certs for quickstart and other services

Installer (7)

The demo CA used in quickstart is expiring this year.
Already for 6.5.1 the new one should be used. Of course certs for other services are needed too.

Some suggestions from Krzysztof:

- no EMAILADDRESS in DNs - it is deprecated since years and highly non portable.
- longer validity - 30 years?
- as this is demo - maybe we can have it public, so other, non-FZJ based
services would have the demo certs from the same CA? in Something like
demo ca we have (but probably only I'm using it) for generating Unit
testing certificates in securityFramework/dummyCA?
- in quickstart I'd split demo truststore from keystores. Should suggest
the proper approach. Of course with one truststore for all services.


  • Bernd Schuller

    Bernd Schuller - 2012-09-17

    done, New "demo-ca" toplevel module. Separate p12 keystore / jks truststores in quickstart. Lifetime 20 years or so ;)

  • Bernd Schuller

    Bernd Schuller - 2012-09-17
    • status: open --> closed

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

No, thanks