[nspassov]

The fact that they keep your private keys in their database is what makes this a bad idea to use.

Cannot see what kind of people this service is targeted to, since the ones who understand what a CA is and need to sign their own certificates probably already know how to use OpenSSL.

[superuser2]

OpenSSL's CLI is pretty annoying, and for many (like me!) it mostly consists of copy-pasting commands into a text editor, modifying them slightly, and pasting them into a terminal. Could be better. But yeah, trusting a third party with your private keys isn't an answer.

[ollybee]

Maybe look at Dogtag Certificate System