Wiki

User Tools

Site Tools

Trace:
certificates:create_a_ca_certificate_authority

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
certificates:create_a_ca_certificate_authority [2020/04/06 14:16] – created petercertificates:create_a_ca_certificate_authority [2020/07/15 09:30] (current) – external edit 127.0.0.1
Line 2: Line 2:
  
 <code bash> <code bash>
-openssl genrsa -out myProxykey.key 2048+openssl genrsa -out myCA.key 2048
 </code> </code>
  
-This will create an rsa key file named myProxykey.key that we use to sign our rootCA with in the next command for generating the pem file for the rootCA.+This will create an rsa key file named myCA.key that we use to sign the public pem file generated next.
  
 Create a pem file signed with the key: Create a pem file signed with the key:
  
 <code bash> <code bash>
-openssl req -x509 -new -nodes -key myProxykey.key -sha256 -days 365 -out myProxyca.pem+openssl req -x509 -new -nodes -key myCA.key -sha256 -days 365 -out myCA.pem
 </code> </code>
  
-This will prompt you to answer some questions to generate the needed pem file:+This will prompt you to answer some questions to generate the pem file
 + 
 +  * Country Name (2 letter code) [AU]:**JE** 
 +  * State or Province Name (full name) [Some-State]:**Jersey** 
 +  * Locality Name (eg, city) []:**St. Helier** 
 +  * Organization Name (eg, company) [Internet Widgits Pty Ltd]:**ShareWiz** 
 +  * Organizational Unit Name (eg, section) []:**IT** 
 +  * Common Name (e.g. server FQDN or YOUR name) []:***.sharewiz.net** 
 +  * Email Address []:
  
-<code bash> 
-Country Name (2 letter code) [AU]:**JE** 
-State or Province Name (full name) [Some-State]:**Jersey** 
-Locality Name (eg, city) []:**St. Helier** 
-Organization Name (eg, company) [Internet Widgits Pty Ltd]:**ShareWiz** 
-Organizational Unit Name (eg, section) []:**IT** 
-Common Name (e.g. server FQDN or YOUR name) []:**sharewiz.net** 
-Email Address []: 
-</code> 
  
 At this point you should have 2 files: At this point you should have 2 files:
  
 <code bash> <code bash>
-myProxyca.pem +myCA.pem 
-myProxykey.key+myCA.key
 </code> </code>
  
-The myProxyca.pem file is the public key.+The myCA.pem file is the public key. 
 + 
 +<WRAP alert> 
 +**ALERT:**  The myCA.key is the private key; which you do **NOT** want to share. 
 + 
 +Protect the private key! 
 +</WRAP>
  
-The myProxykey.key is the private key; which you do NOT want to share. 
  
  
certificates/create_a_ca_certificate_authority.1586182581.txt.gz · Last modified: 2020/07/15 09:30 (external edit)
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki