I have a fairly creative ssl setup on my webserver:
- I run my own ‘certificate authority’ which signs the server certificate;
- I have a bunch of alternative names specified;
- The CA certificate sits on an ePass 2003 PKI token.
I’m writing down how I sign certificates in this context so I can use this to
look up the procedure instead of spending hours in DuckDuckGo. This is more of
a tutorial than elegant prose.