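Attention: this is the key used to sign the certificate requests; anyone holding it can sign certificates on your behalf, so keep it in a safe place! The command below encrypts the key with a passphrase: choose a strong one and restrict access to the key file.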
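# Generate the root CA private key (4096-bit RSA). openssl prompts for a
# passphrase and writes the key encrypted to rootCA.key in the current
# directory. AES-256 is used for that encryption in place of the legacy
# 3DES cipher (-des3).
openssl genrsa -aes256 -out rootCA.key 4096

# Define where to store the generated certs and metadata.
DIR="$(pwd)/tls"

# Optional: ensure the target directory exists and is empty.
# CAUTION: this deletes everything already under ./tls, including any keys
# or certificates left there by an earlier run.
# ${DIR:?} aborts the script if DIR is ever unset or empty (for example after
# the assignment above is edited); -- stops option parsing.
rm -rf -- "${DIR:?}"
mkdir -p -- "${DIR}"
# NOTE(review): if private keys are also written under ${DIR}, consider
# restricting the directory to its owner (chmod 700) - confirm against the
# rest of the script.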
# Create the openssl configuration file. It is used both for generating
# the certificate and for specifying the extensions. It favors automation,
# so the DN is encoded rather than prompted for.