OpenSSL initial configuration
This initial configuration procedure assumes that you are executing it on Linux
- Create a special user named ‘ca’. Its home directory will hold the data. It must protected carefully. For example:
groupadd -g 2000 ca useradd -g 2000 -u 2000 -m -s /bin/bash ca chmod 700 /home/ca
- Change the variable dir in /etc/ssl/openssl.cnf for the home directory of the ca user just created.
- The default values used for the certifcate requests can be changed in /etc/openssl.cnf such as countryName_default, stateOrProvinceName_default and 0.organizationName_default
- Logon with the user ca
- mkdir private certs reqs
- chmod 700 private certs reqs
2 thoughts on “OpenSSL initial configuration”
Comments are closed.