Securing Web services: Be your own CA
We'll expand the discussion of CA implementation and use by giving practical examples using two widely available tools, OpenSSL and keytool. Bear in mind that many of the topics that we'll touch on require a deeper background than is practical to present within the scope if this article. Where applicable, we'll provide pointers to useful references.
Why do I need a CA?
As discussed in our earlier article, the CA is a crucial component of any PKI, as it provides public-key certificate issuance, management, and revocation services to PKI users, thus enabling distributed trust relationships. In general, the CA is usually not a singular entity, but a hierarchical collection of authorities, with a root CA at the top of the structure acting as the most trusted (and most authoritative) entity in the organization.
The link for this article located at newsforge.com is no longer available.