Dashboard Issue Certificate CRL

Example CA Configurations

Click any example to populate the form below, or copy the values manually.

🌐 Web Server TLS
Subject:CN=api.example.com,O=Acme Corp,OU=Engineering,C=US
Validity:365 days
▶ Click to use
🏢 Internal Microservice
Subject:CN=payments-svc.internal,O=First National Bank,OU=Platform,C=US
Validity:730 days
▶ Click to use
🛡 DoD Contractor
Subject:CN=contractor.dod.mil,O=Defense Systems LLC,OU=Cleared Personnel,C=US
Validity:365 days
▶ Click to use
📡 IoT Device
Subject:CN=sensor-node-007,O=SmartGrid Inc,OU=Field Devices,C=US
Validity:180 days
▶ Click to use
🔒 Intermediate CA
Subject:CN=Intermediate CA 1,O=Primum and Terminus,OU=PKI Infrastructure,C=US
Validity:1825 days (5 yr)
▶ Click to use
🏥 Healthcare (HIPAA)
Subject:CN=ehr.cityhospital.org,O=City Hospital,OU=Health IT,C=US
Validity:365 days
▶ Click to use

Issue New Certificate

Format: CN= common name  |  O= organization  |  OU= unit  |  C= 2-letter country

For demo purposes, any base64 string works. In production this would be an ML-DSA-65 public key (FIPS 204).

Cancel
Why ML-DSA-65? — RSA and ECDSA can be broken by a sufficiently powerful quantum computer (Shor's algorithm). ML-DSA-65 (FIPS 204, formerly Dilithium3) is a NIST-standardized lattice-based signature scheme — quantum-resistant by design. All certificates issued here are signed with the CA's ML-DSA-65 private key.
Qpki | Primum & Terminus | Post-quantum certificate authority