This will serve as a list of all of the features that BounCA currently has.
Having multiple intermediate certificates enables authorization on group level. Create certificates for different level of grants.
Create server side certificates for encrypted trusted connections. Typical use cases are: - Internal trust network in your Intranet - Trusted peer network with reduced risk of man-in-the-middle attack - Trusted private cloud services over Internet
Generate client and server certificates with subject alt names for supporting multiple accounts or domains.
Easily revoke a certificate from the dashboard by pressing the revoke button. Download the CRL file for hosting it.
Download a zip containing all the important certificate and key files for configuring your webservers (Apache, nginx), OpenVPN and other services. The package also contains a prepackages pkcs12 file with the keys and certificates.
All keys in BounCA are protected by passphrases. It is only allowed to have client and server certificates without passphrase.
BounCA takes care that your passphrases are strong enough, and checks if your passphrase is correct before singing a csr.
Note
BounCA does not store passphrases. Please keep your passphrases in a secret place as you cannot restore a passphrase.
The BounCA backend offers an API to control the PKI. You can directly access the API to generate and access your certificates. This enables automatic revoking, and provisioning of certificates.