Also see SSH certificate authority.
The internal CA doesn't see much use anymore with the advent of Let's Encrypt, but is still used for *.sym
domains and client authentication (VPN & PKINIT).
Certificate:
Dunelab Infrastructure Root.crt
Issued: 2025-01-01
Private key: RSA 2048 (hardware)
For use with Dunelab Active Directory, and with other older systems which require a SHA1-based chain.
Certificate:
Symlink Enterprise Root.crt
Issued: 2025-01-01
Private key: RSA 2048 (hardware)
For use with modern systems which support SHA256.
Certificate:
Nullroute CA r5.crt
Issued: 2019-02-10
Private key: RSA 4096 (software)
Superseded, as the key size didn't allow for hardware storage.