On Thu, Mar 14, 2024 at 02:09:30PM -0700, Doug Hardie wrote:
> My other client is technically savy, but just too busy to get involved
> with creating CSRs. While I have not been able to get them to think
> about these issues yet, I believe they will go with having me create
> the user ids, and certificates. Hence, the ids will be unique. I
> don't know if they will want key passwords or not. They all use
> Windows machines so I don't know if that is even an option.
You can create a PKCS#12 file with a password-protected key and matching
certificate. The user can then import it into whatever software they
choose. You can share the password that encrypted the key out-of-band.
The same with the users who want a shared credential.
--
Viktor.
