A little more than two years ago, I set up a PKI and did a post on it. The main goal was to get a certificate on my EdgeOS router to get proper HTTPS support without the annoying red X. When I did it, however, I didn’t do it quite right, and so I decided to redo it all. Some of the major problems:
- The cert for my router expired after two years. Hence, I as of today I need a new cert anyway.
- The intermediate cert also expired after two years. Lame!
- To trust the chain, I had to import the intermediate cert into Windows, not the root cert. I should just need the root cert.
So I decided to do it right, and do it all over again for posterity, again largely following this post from Didier Stevens and again having the same old issues. Details below.
- Current Mood: Fall