![]() Openssl x509 -req -in client.csr -text -CA ca-cert.pem -CAkey ca-key.pem -CAcreateserial -out client-cert.pemĪt this point you should have the following files in the directory: $ ls ~/certĬa-cert.pem ca-cert.srl ca.csr ca-key.pem client-cert.pem client.csr client-key.pem server-cert.pem server.csr server-key.pem Now, let's create the client key and certificate: openssl req -new -nodes -text -out client.csr -keyout client-key.pem -subj "/CN=pg-client" Openssl x509 -req -in server.csr -text -CA ca-cert.pem -CAkey ca-key.pem -CAcreateserial -out server-cert.pem Openssl req -new -nodes -text -out server.csr -keyout server-key.pem -subj "/CN=pg-server" Openssl x509 -req -in ca.csr -text -extfile /etc/ssl/openssl.cnf -extensions v3_ca -signkey ca-key.pem -out ca-cert.pem Openssl req -new -nodes -text -out ca.csr -keyout ca-key.pem -subj "/CN=certificate-authority" Let's create the server certificate first: mkdir ~/cert
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |