Created
September 15, 2021 16:07
-
-
Save lucaspiller/977846c00ddacbaa44351239141fb351 to your computer and use it in GitHub Desktop.
OpenSSL Client Certificates
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Extra: Generate self-signed server certificate | |
| openssl req -nodes -new -x509 -keyout server.key -out server.crt -days 3650 | |
| # Generate CA for client certificates | |
| openssl req -nodes -new -x509 -keyout client-ca.key -out client-ca.crt -days 3650 -subj "/CN=Client CA/O=My Company Name LTD./C=US" | |
| # Set client name which will be used as CN | |
| export CLIENT=bob | |
| # Generate CSR for client certificate | |
| openssl req -nodes -newkey rsa -keyout client-$CLIENT.key -out client-$CLIENT.csr -subj "/CN=$CLIENT/O=My Company Name LTD./C=US" | |
| # Sign client certificate | |
| openssl x509 -req -in client-$CLIENT.csr -signkey client-ca.key -out client-$CLIENT.crt -days 3650 | |
| # Bundle everything into one file | |
| cat client-$CLIENT.key client-$CLIENT.crt client-ca.crt > client-$CLIENT.pem | |
| # Cleanup | |
| rm client-$CLIENT.key client-$CLIENT.crt client-$CLIENT.csr |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment