How to Create Self-Signed Certificates using OpenSSL
The OpenSSL toolkit is required to generate a self-signed certificate.
# yum install openssl
Creating Self-Signed SSL Certificate
# mkdir /etc/pki/tls/myssl
# cd /etc/pki/tls/myssl
# openssl req -newkey rsa:4096 -x509 -sha256 -days 3650 -nodes -out new_example.crt -keyout new_example.key
Can't load /root/.rnd into RNG
140468795707840:error:2406F079:random number generator:RAND_load_file:Cannot open file:../crypto/rand/randfile.c:88:Filename=/root/.rnd
Generating a RSA private key
................................................................................++++
................................++++
writing new private key to 'new_example.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Enter the information requested and press Enter.
Country Name (2 letter code) [AU]:IN
State or Province Name (full name) [Some-State]:Delhi
Locality Name (eg, city) []:Delhi
Organization Name (eg, company) [Internet Widgits Pty Ltd]:example.com
Organizational Unit Name (eg, section) []:IT
Common Name (e.g. server FQDN or YOUR name) []:*.example.com
Email Address []:root@example.com
The certificate and private key will be created
# ls
new_example.crt new_example.key
Comments
Post a Comment