Created
October 24, 2019 08:08
-
-
Save alexeldeib/860d25492902b374c59e1fe4e8dc9e16 to your computer and use it in GitHub Desktop.
Generate a root, intermediate, and leaf cert with openssl
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $rootkey = "root-key.pem" | |
| $rootcert = "root-cert.pem" | |
| $midkey = "mid-key.pem" | |
| $midcert = "mid-cert.pem" | |
| $cert = "cert.pem" | |
| $key = "key.pem" | |
| openssl genrsa -out $rootkey 4096 | |
| openssl genrsa -out $midkey 4096 | |
| openssl genrsa -out $key 4096 | |
| openssl req -x509 -new -nodes -key $rootkey -days 1024 -out $rootcert -subj "/C=US/ST=Utah/L=Provo/O=ACME Signing Authority Inc/CN=example.com" | |
| openssl req -new -key $midkey -out midcsr.pem -subj "/C=US/ST=Utah/L=Provo/O=ACME Tech Inc/CN=reallyfake.com" | |
| openssl x509 -req -in midcsr.pem -CA $rootcert -CAkey $rootkey -CAcreateserial -out $midcert -days 365 | |
| openssl req -new -key $key -out csr.pem -subj "/C=US/ST=Washington/L=Redmond/O=Green Valleys/CN=foobar.baz" | |
| openssl x509 -req -in csr.pem -CA $midcert -CAkey $midkey -CAcreateserial -out $cert -days 365 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment