Boulder's functional scople

Help
1

Hello all,

I'm Alex , beginner in Boulder periscope in order to implement private ACME CA on my own with Boulder and Certbot and my own CA module which means doesn't use let's encrypt SSL certificate .

That means Boulder works as just ACME server while my production CA module works manufacture/renew/revoke SSL certificate

My question is

  1. I hope Boulder works as a ACME server which means my CA works certificate
    issuance. If that is possible, Would you please let me know how integrate Boulder and my
    CA module.
    Is there any APIs or something which enables integration with my CA ?

I hope you're doing well and kind help..

Thanks all,,

1 Like
2

I'm not sure I understand. What are you trying to achieve?

  • do you want to open another CA? In that case, you can look at Boulder but it is very bespoke, so it might not be what you need.

  • do you want to get certificates from Boulder? In that case, you don't need to install Boulder, you just need an acme client (Certbot or any other client or your own implementation).

3 Likes
3

I adjusted my question clear. Thanks for your kindly help above.

1 Like
4

You should look at smallstep. You can probably run Boulder but as I said it's not the most reusable software around.

There shouldn't be APIs, there should be some settings to make it work with your HSMs.

3 Likes
5

Okay, i see

Thanks for your kindly advice.

1 Like
6

If you have an existing internal CA and you want to ACME-enable it then it will depend on the software your CA system is using. Agree it's probably easier just to use an ACME enabled internal CA like smallstep unless you can't for some reason.

3 Likes
8

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.