I am looking to roll out a large number of YubiKeys in a heterogeneous (a lot of Mac and Linux Client) environment with certificates in PIV mode that is not centrally managed by an AD.
We are looking to deploy a open-source CA such as EJBCA for certificate handling and life-cycle.
We want to enable users to perform sort of a self-enrollment for the certifactes and make this as "simple" as possible to the user. While I understand all the necessary steps using the yubitools such as the pivtool. I am wondering if there is something comparable to the windows based enrollment tools such as the CSIS Enrollment station that works with open-source backends?
Any thoughts or input is greatly appreciated.
Thanks
lIlStatistics: Posted by lil0r — Fri Sep 22, 2017 5:14 pm
]]>