Created
February 13, 2018 14:28
-
-
Save nicopace/1c9f4d1dc6d7615ff2dd4fa08f1d4e16 to your computer and use it in GitHub Desktop.
Generate self signed wildcard certificate
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [ req ] | |
| default_bits = 2048 | |
| default_keyfile = server-key.pem | |
| distinguished_name = subject | |
| req_extensions = req_ext | |
| x509_extensions = x509_ext | |
| string_mask = utf8only | |
| [ subject ] | |
| countryName = Country Name (2 letter code) | |
| countryName_default = US | |
| stateOrProvinceName = State or Province Name (full name) | |
| stateOrProvinceName_default = NY | |
| localityName = Locality Name (eg, city) | |
| localityName_default = New York | |
| organizationName = Organization Name (eg, company) | |
| organizationName_default = Example, LLC | |
| commonName = Common Name (e.g. server FQDN or YOUR name) | |
| commonName_default = Example Company | |
| emailAddress = Email Address | |
| emailAddress_default = [email protected] | |
| [ x509_ext ] | |
| subjectKeyIdentifier = hash | |
| authorityKeyIdentifier = keyid,issuer | |
| basicConstraints = CA:FALSE | |
| keyUsage = digitalSignature, keyEncipherment | |
| subjectAltName = @alternate_names | |
| nsComment = "OpenSSL Generated Certificate" | |
| [ req_ext ] | |
| subjectKeyIdentifier = hash | |
| basicConstraints = CA:FALSE | |
| keyUsage = digitalSignature, keyEncipherment | |
| subjectAltName = @alternate_names | |
| nsComment = "OpenSSL Generated Certificate" | |
| [ alternate_names ] | |
| DNS.1 = * |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| openssl req -config any.sslreq.conf -new -sha256 -newkey rsa:2048 -nodes -keyout any.key -x509 -days 365 -out any.crt -subj /CN=My\ Name/OU=My\ Organization/[email protected] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
openssl x509 -req -in any.csr -CA ../rootCert/myCA.pem -CAkey ../rootCert/myCA.key -CAcreateserial -out any.signed.crt -days 1825 -sha256 -extfile any.ext -passin pass:1234
#TODO check why this signing is not working