Created
January 18, 2025 10:47
-
-
Save subudear/33f2ce145a3bc19dd88e820a71170419 to your computer and use it in GitHub Desktop.
client certificate commands
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #commands to generate client private and public/cert key. Here .pem is the cert or public key and .key is private key. | |
| #generate client private key | |
| openssl genrsa -out client_private.key 4096 | |
| #generate client public key cert request | |
| openssl req -new -nodes -key client_private.key -out client.csr -config client_request.config | |
| #generate and sign the client public key /cert using CA root private and public key | |
| openssl x509 -req -sha512 -days 365 -in client.csr -CA ../rootCA.pem -CAkey ../rootCA.key -CAcreateserial -out client_public.pem -extfile client_cert.config | |
| #validate the client public using CA root public key | |
| openssl verify -CAfile ../rootCA.pem client_public.pem | |
| #to check the SHA algo and test of the public cert | |
| openssl x509 -text -noout -in client_public.pem |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment