Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I eventually need to publish an article about how to run an HSM backed root CA on the cheap with m of n auth.

Using nitrokey and some glue scripts you can get the cost below $500. If anyone is interested, let me know.



I've just started down that route. I've got the nitro key hsm2 in the mail, have heard the advice on using two levels (first root in the Key, and intermediary on the Device for easier revoking). I mainly want to issue client certificates so that I can expose internal sites on the public Internet via proxy without having to require a VPN for all of my users, though I'm also interested in certificate based SSH


Yes, please! I would be interested. Currently i'm fiddling around with vault as an ICA, so this sounds like a good next step


+1 sounds like an interesting read


Please do


an article like that would be great!




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: