FairCom Certificate Manager creates, manages, and renews CA, server, and client certificates. It provides Python scripts that prompt you to answer a few questions. In seconds, you can create a certificate or renew many certificates. You can also use the command-line options to create certificates with advanced features.
For definitions of terms used on this page, see Security terms.
Certificate Manager
FairCom Certificate Manager is a simple solution for managing a company's internal certificates
FairCom Certificate Manager is a suite of Python scripts for creating, managing, and renewing certificates. It can be used as an internal company-level or department-level certificate authority solution managed by a certificate authority administrator.
| Action | Script Name | Description |
|---|---|---|
| Create CA certificate | createcacert.py |
This script creates an internal CA certificate and its private key which can be used to create server certificates and client certificates for use on your company's internal network. Use importcert.py to register the CA certificate on client computers so they trust it. Register the CA certificate with client applications to validate the identity of the internal servers they connect to. |
| Create client certificate | createclientcert.py |
This script creates a client certificate and its private key to use instead of a username and password when logging into a FairCom server. Register the client certificate with application software. |
| Create server certificate | createservercert.py |
This script creates a server certificate and its private key to verify the authenticity of one server. After running this script, distribute the server certificate and its private key to the server for which it was created. |
| Renew certificate | renewcerts.py |
This script renews all certificates in a folder by creating new certificates that expire later. Then, it is your responsibility to distribute the renewed certificates to servers and clients. |
| Import CA certificate | importcert.py |
This script imports your internal CA certificate into the keystore on Windows, Linux (Unix), or MacOS. This allows a computer to trust the certificates you create with that CA certificate. Use administrator privileges to run this script locally on each computer. For Linux (Unix) and MacOS, prepend the command with sudo. |
| Display certificate information | certinfo.py |
Displays certificate and private key information in a PEM file. |
Setup
You need to do the following once to set up FairCom's Certificate Manager scripts.
- Install Python version 3.7.9 or later.
- Open the command prompt
On Windows press the Windows logo key + r and enter cmd - Install Python's cryptography module
pip install cryptography- Change the current folder to
<faircom>\tools\certman
On Windows, use thecdcommand followed by the path of thecertmanfolder, such as:
cd C:\FairCom\FairCom-Edge.windows.64bit.v4.2.0.145\tools\certman\- Run the
createcacert.pyscript to create an internal CA certificate and its private key, which you will use to create server and client certificates. - Create and renew server and client certificates as desired.
For convenience, you can copy the certman folder to any folder you like, such as c:\certman.
You can also add the certman path to the OS environment path so you can run them from any folder.
