XCA - X Certificate and key management
As a network engineer I deal with digital certificates quite often for EAP-TLS authentication, VPN, and device certificates like on WLC controllers.
Customers that don’t need a public certificate just want a valid certificate loaded on the device to make it work. I used to create certificates with OpenSSL, that is flexible and works great but lacks a GUI.
XCA is a Windows application with a nice GUI and great features to create and manage certificates:
This application is intended for creating and managing X.509 certificates, certificate requests, RSA, DSA and EC private keys, Smartcards and CRLs. Everything that is needed for a CA is implemented. All CAs can sign sub-CAs recursively. These certificate chains are shown clearly. For an easy company-wide use there are customiseable templates that can be used for certificate or request generation. All crypto data is stored in an endian-agnostic file format portable across operating systems.