Generating CA:
openssl req -x509 -nodes -days 365 -subj "/C=ES/O=Recipes/CN=ca" -newkey rsa:1024 -keyout ca_key.pem -out ca_pub.pem
Generate a client private key and csr:
openssl req -newkey rsa:1024 -out p10.p10 -keyout privket.pem
Generate a self signed certificate based on a csr:
openssl x509 -req -days 360 -in p10.p10 -signkey privket.pem -out server.crt
Sign a certificate request.
openssl ca -in p10.p10 -out server.p
Generate a PKCS12
openssl pkcs12 -export -in signcert.pem -out signFile.p12 -name "certSign" -inkey domainname.key -CAfile cacert.cer -chain
Extract a private key from a PKCS12 crypto bag
openssl pkcs12 -nokeys -in Certificado.p12 -passin pass:12345678 -out Certificado.pem
Other operations
Display the contents of a certificate:
openssl x509 -in cert.pem -noout -text
Display the certificate serial number:
openssl x509 -in cert.pem -noout -serial
Display the certificate subject name:
openssl x509 -in cert.pem -noout -subject
Extract the private key:
openssl pkcs12 -nocerts -out userkey.pem -in cert.p12
No hay comentarios:
Publicar un comentario