I'm looking at the wiki for phpki (
http://wiki.contribs.org/PHPki), and it sounds great--a web-based pretty GUI for SSL certificate management is a great add-on for SME server. My main interest is in managing the web server SSL certificate, not really with user certificates, although I will be trying to set up openVPN as well. I'm having some trouble getting my installation (see
http://bugs.contribs.org/show_bug.cgi?id=8682), but in the interim, I'm trying to figure out how this will work with what I'd like it to do. So, a few questions:
1. Can I import an existing CA certificate? I see that the wiki page has instructions for importing certs used with openvpn, but I'm not (yet) using openvpn. I have, however, created a CA certificate that I've already installed and trusted on my network, and it'd be nice to continue to use that certificate rather than going through the installation of a new cert on the clients.
2. Can PHPki handle web/mail server certificates? I'm hoping for the ability to generate a certificate, place the appropriate files in /home/e-smith/ssl.crt and /home/e-smith/ssl.key, make any appropriate config database updates, etc.
3. If (2) is affirmative, can it handle the SubjectAltName feature to generate a certificate that will be valid for multiple hosts (e.g.,
www.mydomain.tld, mail.mydomain.tld, and
www.myotherdomain.tld)?