ssl:generate-certificates-self-signed
                This is an old revision of the document!
Table of Contents
Generate Root CA certificate
Generate private key
You should enter a password when required.
openssl genrsa -des3 -out ca.key 2048
Output:
Generating RSA private key, 2048 bit long modulus (2 primes) ..............................+++++ ............+++++ e is 65537 (0x010001) Enter pass phrase for ca.key: Verifying - Enter pass phrase for ca.key:
Update the Root CA configuration
Edit the following configuration lines (if needed.)
- root-ca.conf
- [ req ] default_bits = 2048 default_keyfile = ca.key distinguished_name = req_distinguished_name x509_extensions = v3_ca string_mask = nombstr req_extensions = v3_req [ req_distinguished_name ] countryName = RO countryName_default = RO countryName_min = 2 countryName_max = 2 stateOrProvinceName = Romania stateOrProvinceName_default = Romania localityName = Bucharest localityName_default = Bucharest 0.organizationName = AX 0.organizationName_default = AX organizationalUnitName = AX Software organizationalUnitName_default = AX Software commonName = AX Root CA commonName_max = 64 emailAddress = admin@ax.com emailAddress_max = 40 [ v3_ca ] basicConstraints = critical,CA:true subjectKeyIdentifier = hash [ v3_req ] nsCertType = objsign,email,server 
Generate the final Root CA certificate
openssl req -new -x509 -days 3650 -config root-ca.conf -key ca.key -out ca.crt
Output:
Enter pass phrase for ca.key: You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- RO [RO]: Romania [Romania]: Bucharest [Bucharest]: AX [AX]: AX Software [AX Software]: AX Root CA []: admin@ax.com []:
ssl/generate-certificates-self-signed.1596891440.txt.gz · Last modified: 2023/07/04 16:36 (external edit)
                
                