Created
November 8, 2019 20:11
-
-
Save crpietschmann/ab4a812fe82551edc7837b694fab34fe to your computer and use it in GitHub Desktop.
Use OpenSSL to sign an x.509 certificate with another (example Root CA scenario)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # generate custom root CA certificate | |
| openssl req -x509 -newkey rsa:4096 -keyout customRootCA.key -out customRootCA.cer -days 365 | |
| # generate leaf certificate | |
| openssl req -x509 -newkey rsa:4096 -keyout leafCert.key -out leafCert.cer -days 365 -subj “/C=/ST=/L=/O=/CN=” | |
| # generate certificate request for the leaf certificate | |
| openssl x509 -x509toreq -days 365 -in leafCert.cer -signkey leafCert.key -out leafCert.req | |
| # sign the leaf certificate request with custom root CA certificate | |
| openssl x509 -req -days 365 -in leafCert.req -signkey customRootCA.key -out leafCert.cer |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment