RSDG Homelab PKI
Two-tier ECDSA certificate authority for internal services
Hierarchy
RSDG Homelab Root CA (ECDSA P-384, offline)
├── Vault Intermediate CA (ECDSA P-384) — issues service TLS certs
└── FreeIPA Dogtag CA (ECDSA P-384) — issues identity certs
Root CA
RSDG Homelab Root CA
| Subject | /C=US/O=RSDG Homelab/CN=RSDG Homelab Root CA |
| Issuer | /C=US/O=RSDG Homelab/CN=RSDG Homelab Root CA |
| Valid | Mar 8 01:39:33 2026 GMT — Mar 5 01:39:33 2036 GMT |
| Key | id-ecPublicKey |
| SHA-256 | DB:7C:41:8B:12:62:2F:5E:38:FF:14:82:5E:DD:14:6E:5A:08:57:10:B6:7F:41:50:A0:19:E5:24:43:8E:2D:BA |
Vault Intermediate CA
RSDG Homelab Intermediate CA
| Subject | /C=US/O=RSDG Homelab/CN=RSDG Homelab Intermediate CA |
| Issuer | /C=US/O=RSDG Homelab/CN=RSDG Homelab Root CA |
| Valid | Mar 8 01:47:16 2026 GMT — Mar 7 01:47:16 2031 GMT |
| Key | id-ecPublicKey |
| SHA-256 | F3:34:B1:B7:07:63:64:51:5E:25:F4:FD:0F:90:7E:1B:F9:79:21:38:4D:0F:7E:0A:FB:4E:A3:E2:87:A3:60:3D |
Certificate Revocation
CRL
| Last Update | Mar 8 01:48:30 2026 GMT |
| Next Update | Mar 11 01:48:30 2026 GMT |
| Revoked | 0
0 certificate(s) |
OCSP responder: vault.rsdg.io/v1/pki/ocsp (internal only)