jradek/ssl_certificate_tutorial.md

Last active April 17, 2019 09:32

Star (1) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/jradek/5133d5307fc961487bbfe3da678942e4.js"></script>
Save jradek/5133d5307fc961487bbfe3da678942e4 to your computer and use it in GitHub Desktop.

Download ZIP

SSL certificate tutorial (Self Signed)

Raw

ssl_certificate_tutorial.md

SSL Certificate tutorial

As certificate authority (CA)

Create self signed certificate ca.cert

openssl req -newkey rsa:2048 -nodes -keyout ca.key -x509 -days 365 -out ca.cert

View the certificate

openssl x509 -noout -text -in ca.cert | less

As user (batman)

Create a password for user batman stored in batman.key
```
openssl genrsa -out batman.key 2048
```

Create sign request (CSR) batman.csr user (CN) batman in groups (O) Heros, JusticeLeague

openssl req -new -key batman.key -out batman.csr -subj "/CN=batman/O=Heros/O=JusticeLeague"

# view
openssl req  -noout -text -verify -in batman.csr | less

As authority sign the request batman.csr for batman which creates batman.cert valid for 100 days, using the certificate authority
```
openssl x509 -req -in batman.csr -CA ca.cert -CAkey ca.key -CAcreateserial -out batman.cert -days 100
```

Check requests

Verify that certificate batman.cert was signed by a CA ca.cert
```
openssl verify -verbose -CAfile ca.cert batman.cert
```

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment