Wednesday, July 2, 2014

Creating Root Certificate and Signing client cert




1.openssl genrsa -out rootCA.key 2048

2.The next step is to self-sign this certificate.

openssl req -x509 -new -nodes -key rootCA.key -days 1024 -out rootCA.pem




Create A Certificate and Sign with root Key


openssl genrsa -out device.key 2048


openssl req -new -key device.key -out device.csr


openssl x509 -req -in device.csr -CA root.pem -CAkey root.key -CAcreateserial -out device.crt -days 500


Converting to p12

openssl pkcs12 -export -clcerts -in device.crt -inkey client.key -out client.p12

at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

curl and cacert

curl -v --cacert cacert.pem https://www.example/cgi-bin/f ile.xgi -I -X POST

  • Linking Script with Rc.5
    Here i have created a script for starting and stopping tomcat service named it as ts and placed it on /etc/init.d  in order to make this scr...
  • Run Apache on 80 with nonroot user
    Command to Run setcap 'cap_net_bind_service=+ep' /opt/apache/bin/httpd httpd is the custom script i made to run apache.
  • Comparing SSL KEY/CSR/CRT
     Comparing openssl key/csr/crt is useful to make sure signature between key/csr/crt are same openssl x509 -noout -modulus -in certificat...