Fresh Ubuntu LTS
sudo snap install docker
mkdir -p ejbca / cd ejbca
sudo docker pull keyfactor/ejbca-ce
sudo docker run -it --rm -p 80:8080 -p 443:8443 -h localhost TLS_SETUP_ENABLED="simple" keyfactor/ejbca-ce
open link:
https://localhost:443/ejbca/adminweb
# CA Functions/Certificate Profiles:
-- Clone ENDUSER to ClientAuth
~ Validity or end date
~ Extended Key Usage: Highlight Client Authentication
--Save
# RA Functions/End Enity Profiles:
Enter ClientAuth (*Can be any Name) into Add End Entity Profile box
-- Click Add profile button
-- Click ClientAuth from above list
~ Review
~ Subject Alternative Name (Add)
~ Main Certificate Profile: Select ClientAuth from dropdown
~ Default Token Select "P12 file" from dropdown
-- Save
# RA Functions/Add End Entity:
~ Enter Username: frank
~ Enter 1-time enrollment Code)/Confirm: myCode1234
~ Enter Email Address: frank@remote-tech.us
~ Enter Common Name:Frank Earnhardt
-- Add
#RA Web (rightClick Open In New Tab)
https://localhost/ejbca/ra/loaded
~ Enroll/Use Username:
-Username: Frank
-Enrollment Code:myCode1234
--Click Check
~ Key algorithm - Select from dropdown: RSA 2048 bits
--Download PKCS#12
--Save as: Frank-Earnhardt.p12
~ CA Certificate and CRLs
~ Certificate column: Click PEM
--Save as: ManagementCA.pem
# Import into Web Browser
~ Firefox: about:preferences#privacy
Privacy & Security / Certificates / View Certificates
Import: Select frank-Earnhardt.p12
(Enter Enrollment Code as Pass)
-- Click Sign In
