I posted a few weeks back that the CA seems to work just fine for TLS certs, and that continues to be the case. I’ve shelved Gluu for the time being in favor of LemonLDAP::NG, which I’ve discussed more here:
I’m a little unclear on how to use the CA to issue both TLS and SSH certs, but once I get that piece figured out, I think I’ll have what I need to put them together.