Speaker
Florin Bogdan MANOLACHE
(Carnegie Mellon University)
Description
SSL/TLS certificates are used by more and more
network services, but their lifespan keeps decreasing. Managing
certificates on a large network is extremely time consuming,
both as manpower and as complexity. This paper presents
an automatic SSL/TLS certificate management system based
on a single certificate manager, which makes generation and
distribution of certificates efficient and traceable, while keeping
the flexibility of multiple administrators for various domains. The
system offers a web interface and a CLI, while keeping software
dependencies at a minimum. The software is used in production
on a large heterogeneous network at Carnegie Mellon University.
Authors
Florin Bogdan MANOLACHE
(Carnegie Mellon University)
Prof.
Octavian RUSU
("Al. I. Cuza" University)
