The nice thing about SSL/TLS is that many applications do not actually require the use of an external signing authority. You have everything you need to be your own CA, and that can in many cases be quite helpful.
In the same vein, if I was in charge of IT for a big(gish) organisation I would certainly take a look at UEFI Secure Boot with a view to using my own keys to sign stuff I want to run on my machines. The SUSE approach doesn't look too bad at first glance.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds