Difference between revisions of "How to create SSL CA Cert Server"

From HyperSecurity Wiki
Jump to: navigation, search
 
Line 1: Line 1:
[https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Virtualization/3.2/html/Developer_Guide/Creating_an_SSL_Certificate.html CA Issue Source]]
+
[https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Virtualization/3.2/html/Developer_Guide/Creating_an_SSL_Certificate.html CA Issue Source]
 +
[http://superuser.com/questions/126121/how-to-create-my-own-certificate-chain/418429 Generate SSl Chain]
  
 
OpenSSL needs to have a CA directory created in order to sign crt requests. Use the following steps to create a CA server, then generate/sign keys:
 
OpenSSL needs to have a CA directory created in order to sign crt requests. Use the following steps to create a CA server, then generate/sign keys:

Revision as of 22:40, 3 March 2016

CA Issue Source Generate SSl Chain

OpenSSL needs to have a CA directory created in order to sign crt requests. Use the following steps to create a CA server, then generate/sign keys:

Run the following to create a CA directory: 

cd /etc/pki/
mv CA CA.original
CA.pl -newca
mv demoCA CA

Fix CA issues: 

touch /etc/pki/CA/index.txt
echo '1000' > /etc/pki/CA/serial

Now to generate and sign a cert:

Retrieved from "http://www.hypersecuresolutions.com/wiki/index.php?title=How_to_create_SSL_CA_Cert_Server&oldid=2125"