Next: , Previous: What is X.509 ?, Up: Top

3 Setting up a CA

Do not let information overload scare you off! If you are simply testing or getting started with a PKI infrastructure, skip all this and go to the next chapter (see: see Creating a CA certificate).

Creating a CA certificate should be more the just creating a certificate, CA's should define a policy. Again, if you are simply testing a PKI, policies do not matter so much. However, when it comes to trust in an organisation, it will probably matter more whom your users and sysadmins will find it acceptable to trust.

At the same time, try to keep things simple, it's not very hard to run a Certificate authority and the process to get new certificates should be simple.

You may find it helpful to answer the following policy questions for your organization at a later stage: