Documentation

How to use our services.

Introduction

We provide SSL/TLS certificates for local infrastructure, to ensure protection for all your assets.

We provide certificates for :
VPN certificates
SSL/TLS ensures protection using a TLS handshake and ensures authentification and integrity by validating the server identity as well as client identity. You can create a server certificate (like websites one) and client certificate to ensure that all clients are allowed to access the VPN network. In OpenVPN 2.6, server configuration must follows :

tls-server
verify-client-cert require #Require all clients to have a certificate
remote-cert-tls client
ca ca_file.pem #File containing the SSL VPN Root certificate, accessible in files
cert yourcert.pem #Your certificate created
key yourkey.pem #Your private key of the certificate
Your private key must be kept secret and must not be shared, even with us. On your server, it should only be accessible to root. You can also check OCSP status using the script available in FAQ. Without it, your server cannot check if you revoke the certificate online! You can create certificates for up to a year depending on your plan.
Server/Web certificates
You can use our certificates to provide local access to websites. As we only deliver certificates for local websites, you can only create a common name ending with .local. Those domains are restricted to local web and cannot be accessible in the web. Therefore, you can use the name you want. You then just need to import the full certificate and the key to your webserver. For example on Apache :

SSLEngine on
SSLCertificateFile path/to/fullcert
SSLCertificateKeyFile path/to/key
Then restart Apache and try to connect using https://. If you get an error saying "The root certificate is not known", it is working but you need to import TLS VPN certificates on your browser in Settings->Certificates->Import.
Email certificates
You can use email certificates to ensure that your SMTP server only accepts emails sent from a valid certificate. You can import your certificates in your email sender in Settings and set SMTP validation in your SMTP server.
Your privacy is our top priority.

This website uses cookies or similar technologies, to provide its service, enhance your browsing experience and provide personalized recommendations. By continuing to use our website, you agree to our Privacy Policy.