mCertAuth - methodica certification authority

Creates, signes, administerst keys, certificate signing requests, and certificates.

 Deutsch English



mCertAuth stands for "methodica Certification Authority".

What it isWhat it is
Who uses itWho uses it

What it is

mCertAuth is a tool for creating and administering website certificates. mCertAuth is the tool to run your own certification authority (CA).

The functions include:

  • Creating keys
  • Creating certificate signing requests
  • Signing certificates

Certificates may be signed by mCertAuth or by commercial Certification Authorities. mCertAuth allows for storing and administering both kinds of certificates.

Parameter values and results are stored in a database. Therefore also huge amounts of certificates are kept safely available for many years.

mCertAuth is a web application. The tool is available wherever the web server, on which the tool is installed, can be accessed. On the client side a standard web browser is sufficient, and no specific client software must be installed.

Who uses it

  • Private users
    More and more private users run websites. And an increasing number of Internet Service Providers (ISP) provide space for these websites, often offering secure HTTPS protocol. Usually the owner and visitors of private websites know each other. So, using self-signed certificates is a valuable option.
  • Non-profit organisations
    Non-profit organizations often do not have large financial resources. Both self-signed certificates and certificates signed by commercial CAs are options.
  • Companies
    Companies usually distinguish between public (Internet) and internal websites (intranets).

    Intranets can easily be secured with self-signed certificates. And, in the controlled environment the own root certificate can be easily outrolled.

    Companies usually have the certificates for public websites signed by commercial CAs. The management of keys, certificate requests, the monitoring of the validity and the secure storage of certificates is efficiently done by mCertAuth in these cases too.

    DNSSEC: This kind of certificates does not need a commercial signature. These certificates can be fully created, signed, and administered thru mCertAuth.


In times of NSA, other intelligence services, and criminals acting uncontrolled and uncontrollably we all have realized that encrypted data transfer is an absolute requirement. Industrial espionage is widespread and is equally done by the intelligence services and criminals.

Although encryption can not completely avoid abuses it - at least - makes it very hard to steal and manipulate data while transferred.

Encrypting should therefore be the standard today. And this includes all types of nets (intranet, extranet, internet)!


The costs of certificates from commercial CAs are easily within several hundred USD per year, no matter whether the certificates are used for public websites or internally. It is obvious that by using self-signed certificates the cost can be reduced significantly.

Through efficient storage, administration, and monitoring of all elements of certificates in a central place mCertAuth helps to save additional costs.

And, btw., if one day Google and other search engines will favorize encrypted websites versus non-encrypted ones encrypting would be an additional advantage.