Skip to content

Instantly share code, notes, and snippets.

@maraino
Last active November 2, 2020 22:35
Show Gist options
  • Save maraino/decbc335f27314e194487b4e97d116f0 to your computer and use it in GitHub Desktop.
Save maraino/decbc335f27314e194487b4e97d116f0 to your computer and use it in GitHub Desktop.
$ step version
Smallstep CLI/0.15.3 (darwin/amd64)
Release Date: 2020-10-22 04:29 UTC
$ step certificate create 'My Root CA' root_ca.crt root_ca_key --profile root-ca
Please enter the password to encrypt the private key:
Your certificate has been saved in root_ca.crt.
Your private key has been saved in root_ca_key.
$ step certificate create 'My Intermediate CA' intermediate_ca.crt intermediate_ca_key --profile intermediate-ca --ca root_ca.crt --ca-key root_ca_key
Please enter the password to decrypt root_ca_key:
Please enter the password to encrypt the private key:
Your certificate has been saved in intermediate_ca.crt.
Your private key has been saved in intermediate_ca_key.
$ step certificate create fqdn.example.com new-cert.crt new-cert.key --ca intermediate_ca.crt --ca-key intermediate_ca_key --bundle
Please enter the password to decrypt intermediate_ca_key:
Please enter the password to encrypt the private key:
Your certificate has been saved in new-cert.crt.
Your private key has been saved in new-cert.key.
$ cat new-cert.crt
-----BEGIN CERTIFICATE-----
MIIBxzCCAW2gAwIBAgIRAM1a24sM8ua7//kd+5yzkjYwCgYIKoZIzj0EAwIwHTEb
MBkGA1UEAxMSTXkgSW50ZXJtZWRpYXRlIENBMB4XDTIwMTEwMjIyMzAwMloXDTIw
MTEwMzIyMzAwMlowGzEZMBcGA1UEAxMQZnFkbi5leGFtcGxlLmNvbTBZMBMGByqG
SM49AgEGCCqGSM49AwEHA0IABHWU9ElIaO0Q3KSXXRJdbjYyrD+ymN0OPQMTMbKT
7tsgFAAwuT1tXTgDyNXInd3DHAeCD63Uz7h5OyBDlYizsA6jgY8wgYwwDgYDVR0P
AQH/BAQDAgeAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4E
FgQUfobxZTveOXIphorgBf/zz2f4QYwwHwYDVR0jBBgwFoAUFA0T/2NVj7DAWDvJ
1s7AYCXYfgQwGwYDVR0RBBQwEoIQZnFkbi5leGFtcGxlLmNvbTAKBggqhkjOPQQD
AgNIADBFAiAtMa8QK5BU1XzikFYmZRornLUm1CUphY+1odigckA/yAIhANx0DPmT
Q96DMUq4iiUXxVcCIUrWiP+EiiUSQaAppk/+
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIBlzCCAT2gAwIBAgIRALT6IQBOkspvIuusLFi+RfEwCgYIKoZIzj0EAwIwFTET
MBEGA1UEAxMKTXkgUm9vdCBDQTAeFw0yMDExMDIyMjI5MzNaFw0zMDEwMzEyMjI5
MzNaMB0xGzAZBgNVBAMTEk15IEludGVybWVkaWF0ZSBDQTBZMBMGByqGSM49AgEG
CCqGSM49AwEHA0IABC+SZs4c6n/Nj0rSdUHKQCbqIeBcB+AiqJuNkjg9e1n3RIGJ
di/8kifHNY2dW8f4jmn4Ny/duEL6oOSe3Ef8C1ujZjBkMA4GA1UdDwEB/wQEAwIB
BjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBQUDRP/Y1WPsMBYO8nWzsBg
Jdh+BDAfBgNVHSMEGDAWgBSbeyJnva9tdh4G2a48FEBfx6LpFDAKBggqhkjOPQQD
AgNIADBFAiEAxvBfpZA+sfgh0yqVxpXXizSKbYNAmnrcJzGX0GYy3+ICIFKETjPc
2pQWc9y+TwQo37jOTj+YYuIi7SIm8Rn3DyAm
-----END CERTIFICATE-----
$ step certificate create fqdn.example.com new-cert-no-bundle.crt --key new-cert.key --ca intermediate_ca.crt --ca-key intermediate_ca_key
Please enter the password to decrypt new-cert.key:
Please enter the password to decrypt intermediate_ca_key:
Your certificate has been saved in new-cert-no-bundle.crt.
$ cat new-cert-no-bundle.crt
-----BEGIN CERTIFICATE-----
MIIBxzCCAW2gAwIBAgIRAJEtBAKN8UkRoM16pMnzu2QwCgYIKoZIzj0EAwIwHTEb
MBkGA1UEAxMSTXkgSW50ZXJtZWRpYXRlIENBMB4XDTIwMTEwMjIyMzA0MloXDTIw
MTEwMzIyMzA0MlowGzEZMBcGA1UEAxMQZnFkbi5leGFtcGxlLmNvbTBZMBMGByqG
SM49AgEGCCqGSM49AwEHA0IABHWU9ElIaO0Q3KSXXRJdbjYyrD+ymN0OPQMTMbKT
7tsgFAAwuT1tXTgDyNXInd3DHAeCD63Uz7h5OyBDlYizsA6jgY8wgYwwDgYDVR0P
AQH/BAQDAgeAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4E
FgQUfobxZTveOXIphorgBf/zz2f4QYwwHwYDVR0jBBgwFoAUFA0T/2NVj7DAWDvJ
1s7AYCXYfgQwGwYDVR0RBBQwEoIQZnFkbi5leGFtcGxlLmNvbTAKBggqhkjOPQQD
AgNIADBFAiEAxFRzd4SdgEDXHu5ImEy2c8oZWe824CPmzu9jL3CQNzoCIHgdFr+O
f6y8nEDsDaNo9k6f3+GhDdrmJWQ6T7JeUnNu
-----END CERTIFICATE-----
$ step certificate bundle new-cert-no-bundle.crt intermediate_ca.crt new-cert-bundle.crt
Your certificate has been saved in new-cert-bundle.crt.
$ cat new-cert-bundle.crt
-----BEGIN CERTIFICATE-----
MIIBxzCCAW2gAwIBAgIRAJEtBAKN8UkRoM16pMnzu2QwCgYIKoZIzj0EAwIwHTEb
MBkGA1UEAxMSTXkgSW50ZXJtZWRpYXRlIENBMB4XDTIwMTEwMjIyMzA0MloXDTIw
MTEwMzIyMzA0MlowGzEZMBcGA1UEAxMQZnFkbi5leGFtcGxlLmNvbTBZMBMGByqG
SM49AgEGCCqGSM49AwEHA0IABHWU9ElIaO0Q3KSXXRJdbjYyrD+ymN0OPQMTMbKT
7tsgFAAwuT1tXTgDyNXInd3DHAeCD63Uz7h5OyBDlYizsA6jgY8wgYwwDgYDVR0P
AQH/BAQDAgeAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4E
FgQUfobxZTveOXIphorgBf/zz2f4QYwwHwYDVR0jBBgwFoAUFA0T/2NVj7DAWDvJ
1s7AYCXYfgQwGwYDVR0RBBQwEoIQZnFkbi5leGFtcGxlLmNvbTAKBggqhkjOPQQD
AgNIADBFAiEAxFRzd4SdgEDXHu5ImEy2c8oZWe824CPmzu9jL3CQNzoCIHgdFr+O
f6y8nEDsDaNo9k6f3+GhDdrmJWQ6T7JeUnNu
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIBlzCCAT2gAwIBAgIRALT6IQBOkspvIuusLFi+RfEwCgYIKoZIzj0EAwIwFTET
MBEGA1UEAxMKTXkgUm9vdCBDQTAeFw0yMDExMDIyMjI5MzNaFw0zMDEwMzEyMjI5
MzNaMB0xGzAZBgNVBAMTEk15IEludGVybWVkaWF0ZSBDQTBZMBMGByqGSM49AgEG
CCqGSM49AwEHA0IABC+SZs4c6n/Nj0rSdUHKQCbqIeBcB+AiqJuNkjg9e1n3RIGJ
di/8kifHNY2dW8f4jmn4Ny/duEL6oOSe3Ef8C1ujZjBkMA4GA1UdDwEB/wQEAwIB
BjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBQUDRP/Y1WPsMBYO8nWzsBg
Jdh+BDAfBgNVHSMEGDAWgBSbeyJnva9tdh4G2a48FEBfx6LpFDAKBggqhkjOPQQD
AgNIADBFAiEAxvBfpZA+sfgh0yqVxpXXizSKbYNAmnrcJzGX0GYy3+ICIFKETjPc
2pQWc9y+TwQo37jOTj+YYuIi7SIm8Rn3DyAm
-----END CERTIFICATE-----
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment