OpenSSL CA-Infrastructure

Generate your own private key and make sure none will ever get access to your private key:
openssl genrsa -des3 -out private.key 2048

If you need your public key outside of a certificate issue this command:
openssl rsa -in private.key -pubout -out public.key

To generate a certificate request for your key:
openssl req -new -key private.key -out certificate.csr

Now you should send your certificate request ONLY to the certification authority; someone, on the other side will view your request:
openssl req -text -noout -in certificate.csr

and then will decide to sign your request sending a valid certificate
openssl x509 -days 365 -in certificate.csr -out certificate.crt -sha1 -CA ca.crt -CAkey ca.key -req -extfile user.ext


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s