OpenSSL Self-Signed Root CA
Jul 16, 2015
  1. Create private key for the CA openssl genrsa -out ca.key 4096

  2. Create public key for the CA openssl req -new -sha256 -x509 -days 3650 -key ca.key -out ca.crt

  3. Create the private key for the server openssl genrsa -out server.key 4096

  4. Certificate signing request openssl req -new -sha256 -key server.key -out server.csr

  5. Sign the server certificate with the CA (creates the public key) openssl x509 -req -days 3650 -CA ca.crt -CAkey ca.key -set_serial 01 -in server.csr -out server.crt

  6. Delete your *.csr file(s)

openssl Related