Created
January 7, 2016 13:16
-
-
Save pimpreneil/7b28b398de3a736700cd to your computer and use it in GitHub Desktop.
Create a certification authority and certify a self-signed certificate using openssl
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Create the CA key | |
| openssl genrsa -out ca.key 4096 | |
| # Create the CA cert | |
| openssl req -new -x509 -days 1826 -key ca.key -out ca.crt | |
| # Create the certif key | |
| openssl genrsa -out ia.key 4096 | |
| # Create the certification request | |
| openssl req -new -key ia.key -out ia.csr | |
| # Create the final certificate | |
| openssl x509 -req -days 730 -in ia.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out ia.crt | |
| # Usage example in Apache Vhost | |
| # SSLCertificateFile /etc/apache2/ssl/ia.crt | |
| # SSLCertificateKeyFile /etc/apache2/ssl/ia.key | |
| # SSLCertificateChainFile /etc/apache2/ssl/ca.crt |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment