Certificate Manager

FairCom Certificate Manager is a scripting solution that manages a company's internal certificates

Abstract

FairCom Certificate Manager creates, manages, and renews The following properties are part of each jsonAction response message.

FairCom Certificate Manager creates, manages, and renews CA, server, and client certificates. It provides Python scripts that prompt you to answer a few questions. In seconds, you can create a certificate or renew many certificates. You can also use the command-line options to create certificates with advanced features.

Certificate Manager

FairCom Certificate Manager is a simple solution for managing a company's internal certificates

FairCom Certificate Manager is a suite of Python scripts for creating, managing, and renewing certificates. It can be used as an internal company-level or department-level certificate authority solution managed by a certificate authority administrator.

Action	Script Name	Description
Create CA certificate	`createcacert.py`	This script creates an internal CA certificate and its private key which can be used to create server certificates and client certificates for use on your company's internal network. Use `importcert.py` to register the CA certificate on client computers so they trust it. Register the CA certificate with client applications to validate the identity of the internal servers they connect to.
Create client certificate	`createclientcert.py`	This script creates a client certificate and its private key to use instead of a username and password when logging into a FairCom server. Register the client certificate with application software.
Create server certificate	`createservercert.py`	This script creates a server certificate and its private key to verify the authenticity of one server. After running this script, distribute the server certificate and its private key to the server for which it was created.
Renew certificate	`renewcert.py`	This script renews all certificates in a folder by creating new certificates that expire later. Then, distribute renewed certificates to servers and clients.
Import CA certificate	`importcert.py`	This script imports your internal CA certificate into the keystore on Windows, Linux, or MacOS. This allows a computer to trust the certificates you create with the CA certificate. Use administrator privileges to run this script locally on each computer. For Linux and MacOS, prepend the command with `sudo`.
Display certificate information	`certinfo.py`	Displays certificate and private key information in a PEM file.

Setup

You need to do the following once to set up FairCom's Certificate Manager scripts.

Install Python version 3.7.9 or later.
Open the command prompt
On Windows type START + r cmd
Install Python's cryptography module
```
pip install cryptography
```
Change the current folder to <faircom>\tools\certman
On Windows, use the cd command followed by the path of the certman folder, such as:
```
cd C:\FairCom\FairCom-Edge.windows.64bit.v4.2.0.145\tools\certman\
```
Run the createcacert.py script to create an internal CA certificate and its private key, which you will use to create server and client certificates.
Create and renew server and client certificates as desired.

Tip

For convenience, you can copy the certman folder to any folder you like, such as c:\certman.

You can also add the certman path to the OS environment path so you can run them from any folder.