From openIdeas.info

Jump to: navigation, search

OpenSSL Certificates Quick Guide

This is just a quick guide that will get you started with OpenSSL certificates. See http://www.openssl.org/docs/ for documentation.

Creating a Certificate

$ mkdir demoCA
$ mkdir demoCA/newcerts
$ mkdir demoCA/private

Create a self-signed CA certificate:

$ openssl req -new -x509 -keyout cakey.pem -out cacert.pem
$ mv cakey.pem demoCA/private/
$ mv cacert.pem demoCA/

Create a certificate request:

$ openssl req -new -keyout tentaclekey.pem -out tentaclereq.pem -days 360

Sign the certificate request:

$ cat tentaclereq.pem tentaclekey.pem > tentaclenew.pem
$ touch demoCA/index.txt
$ echo "01" >> demoCA/serial
$ openssl ca -out tentaclecert.pem -in tentaclenew.pem

Creating a Self-Signed Certificate

Simply run:

$ openssl req -new -x509 -keyout tentaclekey.pem -out tentaclecert.pem -days 360

Generating an RSA Private Key

This is very useful to avoid having to enter a password on the client side.

Generate the key:

$ openssl genrsa -out tentaclekey.pem

And substitude -keyout with -key on the steps above.