step-ca, a private online certificate authority from Smallstep, bootstrapping its own CA on first boot.
Choose the operating system, cloud and version you need. Every variation is the same hardened step-ca image, built and supported by cloudimg.
step-ca is an open source private online certificate authority from Smallstep that issues X.509 and ACME certificates over TLS. It lets organisations run internal public key infrastructure, issuing short lived certificates and automating renewal for services, devices and workloads.
The cloudimg image is hardened and fully patched with step-ca running as a service alongside the step command line tool. Every instance bootstraps its own unique certificate authority on first boot with freshly generated key passwords and its own root and intermediate certificates, so no CA material is shared or ships in the image. Configuration, certificates and keys sit on a dedicated resizable data disk, with 24/7 cloudimg support included.