PHPki

(state of Februray 6^th 2016)

PHPki is a web based CA “solution” written in PHP. Apart from the basic question wether it make sense to have such a critical part of your security infrastructure run as a networked service, there are several sources on the net:

William “eddieroadcap” Roadcaps propably original code on sourceforge, not updated since April 23^th 2013, being 0.83 the last version published there. In the meantime, this is declared "temporarly" unmaintained.
Nick “radicant” Pappas fork on github which apparently started on February 28^th 2012 with 0.83 and merged several pull requests by other contributors in the meantine.
apatiks¹⁾ fork of radicants code which is requested to be mergedby a conflicting pull request stale since May 4^th 2015
interiorcodealls fork on github, who refers to eddieroadcaps project page on sourceforge, but unfortunately restarted version numbering with 0.1 apparently on December 18^th 2015 based on eddieroadcaps latest code. There is a public demo referring to his code.
By searching for forks and documentation, I noticed the project SME-Server, which obviously has incorporated one of eddiroadcaps latest versions.

I tried out eddieraoadcaps code some time ago and I don't remember any problems setting up a minimal demo. Recently I tried apatiks latest version and encountered some glitches:

Running on an Ubuntu system, I didn't see any reason to pull composer somewhere dirty in my file system, instead I installed the smarty3 package which needed adoption of the require() statement in include/std_includes.php
The documentation on first start - meaning setup etc. - is not very helpfull. Basically, the parameter STORE_DIR needs to be set manually in define.php.
Although it is very common, I don't like the use of .htaccess files. Setting up a configuration in /etc/apache2/conf-available/phpki.conf seems to be straight forward though.

¹⁾

Andrew Patik?