码迷,mamicode.com
首页 > 其他好文 > 详细

openssl创建自己的CA certificate

时间:2014-11-05 22:48:08      阅读:230      评论:0      收藏:0      [点我收藏+]

标签:des   style   blog   http   io   color   ar   os   sp   

Create a Certificate Authority private key (this is your most important key):

$ openssl req -new -newkey rsa:1024 -nodes -out ca.csr -keyout ca.key

Create your CA self-signed certificate:

$ openssl x509 -trustout -signkey ca.key -days 365 -req -in ca.csr -out ca.pem

Issue a client certificate by first generating the key, then request (or use one provided by external system) then sign the certificate using private key of your CA:

$ openssl genrsa -out client.key 1024
$ openssl req -new -key client.key -out client.csr
$ openssl ca -in client.csr -out client.cer

(You may need to add some options as I am using these commands together with my openssl.conf file. You may need to setup your own .conf file first.)

 

Reference:

https://jamielinux.com/articles/2013/08/create-an-intermediate-certificate-authority/

openssl创建自己的CA certificate

标签:des   style   blog   http   io   color   ar   os   sp   

原文地址:http://www.cnblogs.com/Security-Darren/p/4077473.html

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!