nullroute | services | certificate authority

Also see SSH certificate authority.

The internal CA doesn't see much use anymore with the advent of Let's Encrypt, but is still used for *.sym domains and client authentication (VPN & PKINIT).

Dunelab Infrastructure Root

Certificate: Dunelab Infrastructure Root.crt
Issued: 2025-01-01
Private key: RSA 2048 (hardware)

For use with Dunelab Active Directory, and with other older systems which require a SHA1-based chain.

Symlink Enterprise Root

Certificate: Symlink Enterprise Root.crt
Issued: 2025-01-01
Private key: RSA 2048 (hardware)

For use with modern systems which support SHA256.

Nullroute CA r5

Certificate: Nullroute CA r5.crt
Issued: 2019-02-10
Private key: RSA 4096 (software)

Superseded, as the key size didn't allow for hardware storage.

March 2025