A simple public key infrastructure tool
This is PicKI, a simple frontend for an openssl-based SSL certificate authority. It's designed for simplicity and scriptability. See the README here, or download the version 0x04 tarball here.
It's just a set of directories and a few support files for some simple shell scripts. You edit your config file, generate and self-sign your CA certificate, and then you can create certificates and keys.
This was created with openvpn in mind, and mostly against the standards of public key cryptography. Only a geek can generate his own SSL key and CSR (certificate signing request), but many non-geeks want to be VPN users. These scripts generate the key and CSR. But there is geek support too; simply copy the geek's CSR into the proper place, and sign it with your CA.
PicKI is licensed under the GNU GPL, not included, because the GPL is larger than the entirety of the PicKI distribution. You can find the GPL here, or many other places as well.
COMMENTS AND SUGGESTIONS are solicited and welcome, please write to: <firstname.lastname@example.org>. Thank you for your interest.