From Wikipedia, the free encyclopedia
Jump to navigation Jump to search
Developer(s)David Marín Carreño
Stable release
1.3.0 / March 15, 2016 (2016-03-15)
Repository Edit this at Wikidata
Operating systemMulti-platform
TypeSecurity software
LicenseGNU General Public License v3

gnoMint is a free software tool for managing X.509 certification authorities (CAs).

Its purpose is to offer an easy to use interface for creating certification authorities and all related elements including X.509 digital certificates, certificate signing requests (CSRs) and certificate revocation lists (CRLs).


gnoMint has the following features:[1]

  • All the infrastructure needed to keep and run a certification authority is saved in only one file.
  • It's able to create certificate signing requests, allowing to export them to PKCS#8 files, so they can be sent to other CAs.
  • Allows the creation of X.509 certificates, with a usual set of subject-parameters.
  • Can export certificates and private keys to PEM files, so they can be used by external applications. It also allows to export PKCS#12 structures, so the certificates can be imported easily by web and mail clients.
  • The user can establish a set of policies for certificate generation in each one of the existing CAs.
  • gnoMint can import CSRs made by other applications.
  • The certificates can be revoked, with generation of the corresponding CRLs
  • It allows the possibility of keeping the CA private key, or other private keys, in external files or devices (as USB drives)
  • gnoMint is able to manage of a whole hierarchy of CAs, simultaneously, with their respectives certificates.
  • Pre-existing Certification Authorities made by other applications, as OpenSSL or TinyCA, can be imported with all their data.
  • It has a CLI intended for batch certificate creation, or integration with other utilities.

Licence and motivation[edit]

gnoMint is licensed under the GNU General Public License.

gnoMint is intended to help all systems and network administrators to deploy a Certification Authority very easily. Its development was started due to the lack of a 'just-works' CA software. According to gnoMint's author, "creating a CA from zero, through open-source command-line utilities, was possible, but was uncomfortable to remember all the necessary parameters. And you had to create a difficult configuration file."[2]

See also[edit]


  • "gnoMintを使って独自の認証機関を設定する". (in Japanese). 2008-10-03. Retrieved 2009-08-29.
  • "gnoMint homepage". Retrieved 2012-11-30.
  • gnoMint 1.0.0 announce message
  • Setting up your own certificate authority with gnoMint

External links[edit]