Paraphrase for the CA when using the QuickStart example

I am assuming that this is blank… or is it?

I am also assuming that if you use the ziti pki commands… it will take care of itself.

As opposed to using other tools to generate a client / server certificate for a SSL golang server.

Is this correct?

When using the ziti cli it will take care of itself - yes. I am pretty sure any passphrases will be blank. thoroughly documenting how one goes about establishing an entire PKI is probably not a topic we’ll cover here other than illustrating how it was done via the quickstarts/ziti-cli-functions/ziti cli itself. It’s too big of a topic for the OpenZiti discourse. There’s reams of information on the internet. We would/should document what sort of certs are needed, what are the requirements etc. I don’t think that’s documented yet.

Using the ziti cli and looking at the certs produced in the quickstarts is probably the best idea for now

1 Like