Create SSL Client Certificate on different Web Server [closed]

Question

Closed. This question is off-topic. It is not currently accepting answers.

---

Want to improve this question? Update the question so it's on-topic for Stack Overflow.

Closed 9 years ago.

Improve this question

I have a web server (Apache) and configured a CA on this machine to create self-signed ssl client certificates (via openssl). Because the web server is in the DMZ, my question is: Is there any way to create the ssl client certs on a different machine (in the internal network) and can the web server in the DMZ be configured to use these certs?

Answer 1

Yes, you can (but you will of course need the CA key). It doesn't matter on which host you create a certificate.

E.g. when you purchase a certificate from a trusted CA they create it on another machine, possibly on another continent :)