Introduction
Certificates for the cacert.org domain are issued by the Organisation Admins as CAcert Inc. itself is organisationally assured.
Details
The details of the organisation account:
- organisation name: CAcert Inc.
contact email: support@cacert.org
- city: Sydney
- state: NSW
- country: AU
- comments:
Domains
- cacert.org
- cacert.com
- cacert.net
Organisation Admins
Please contact them for renewal or revocation of any of the certificates listed SystemAdministration/CertificateList.
Procedure
Client Certificates
If required for an email address that you control (e.g email address) you can issue this yourself (assuming you are assured or an assurer). If your stuck ask a certificate manager.
Server Certificates
These require a CSR to be sent to a certificate manager (see above).
- CSR format.
Quick howto:
openssl req -nodes -new -newkey rsa:2048 -keyout private_key -out server.csr
Country Name (2 letter code) [AU]:AU
State or Province Name (full name) [Some-State]:NSW
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:CAcert Inc.
Organizational Unit Name (eg, section) []:
Common Name (eg, YOUR name) []:'domainname.cacert.org'
Email Address []: (email addresses can't be included in CAcert server certificates)
Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []:
Document the certificate here SystemAdministration/CertificateList
Authorization - you must be listed as an administrator for the system you are issuing a certificate for (https://community.cacert.org/staff.php)
- Authentication - please issue the request from your @cacert.org email address and have it S/MIME or GPG signed when you send the CSR to the Certificate Manager.