Creating a ca’s self signed certificate

By ctheroux1 Comment

In order to create your own certificates, you need a CA (certificate authority) certificate. This certificate will be used to sign every certificate you will create. To do so, execute the following command. This post assumes that “OpenSSL initial configuration” has been done previously.

  • Logon with the user ca
  • Go in its home directory and issue the command
openssl req -new -x509 -keyout private/cakey.pem -out 
                            certs/cacert.pem -days 3650

It is a good practice to put the private key on a removable media and load it only when signing new certificates. Do not loose it. It is the most important piece of data related to your certificates.

Certificate, openssl

One Comment to “Creating a ca’s self signed certificate”

  1. […] following commands. This post assumes that “OpenSSL initial configuration” and “Creating a ca’s self signed certificate” has been done […]

Blue Taste Theme created by Jabox