Tag Archives: Keysigning

Creating client certificates with CSR now possible for Org Accounts

A fix for a long standing issue has recently been installed at the CAcert main server: Now finally it’s possible to create a client certificate from a Certificate Signing Request (CSR) in the user interface for Organisation (Org) Accounts.

For those who don’t have an idea what I am talking about, an Org Account is a user interface for administrators of companies and other organisations who got themselves assured with a CAcert Org Assurance.

Until recently, client certificates in an Org Account could only be created by using the browser feature to create a key pair and signing request in one go. This usually has the consequence that the administrator has access to the private key of the certificate, and has to send the private key and a password (hopefully secure) to the user the certificate is intended for.

While this is not that unusual in an organisation environment, it is not considered a clean solution.

The new feature to create a certificate from a CSR now allows much better solutions. Not only that the administrator does not need access to the end user’s private key at all, it’s now possible to create solutions where an organisation end user can create her own keys and CSR at the organisation’s website, while the administrator only confirms the validity of the request, gets the certificate from CAcert and posts it on a website for the user to download into her browser.

Especially in company settings CAcert certificates can productively used even though the root certificate is not included in browsers by default. Many companies use private CAs, for example to issue certificates which allow employees to securely log on to web applications. Now it’s possible to outsource the CA management to CAcert and just use an Org Account to issue certificates.

In my opinion CSR certificate creation is an important step to make CAcert certificates much more practical to use in company settings! Thanks to everyone involved in implementing this feature!

CAcert at Fosdem 11th, Feb 5th – 6th 2011

FOSDEM, the Free and Open Source Software Developers' European Meeting

CAcert and sidux e.V. will be present at Fosdem 2011, the Free and Open Source Software Developers’ European Meeting, February Sat 5th and Sun 6th 2011

If you want to help on our booth, register yourself on our events wiki page Fosdem 2011 planning

CU at Fosdem ….

CAcert at FOSDEM 2010

Fosdem 2010CAcert will be present at Fosdem 2010, the Free and Open Source Software Developers’ European Meeting, February Sat 6th and Sun 7th 2010

As our CrossCommunity guest on our booth we are welcome A. Stormont with the projects Nexanta and StormOS

CU at Fosdem ….

CAcert at OpenSourceDays-2010 Copenhagen, DK – March 5th + 6th

CAcert will be present at OpenSourceDays-2010 Copenhagen, DK, March 5th and 6th with a booth and a Keysigningparty.
DIKU Copenhagen, DK
Open Source Days is the largest open source conference in the Nordic area. It’s your opportunity to meet, share, and learn from professional open source experts.
Continue reading

CAcert at mrmcd0x8h (Sep. 4th – 6th)

CAcert will be present at mrmcd0x8h with 2 presentations and a Keysigning party:

Continue reading