simple_root_ca_centos_6.5
This is an old revision of the document!
Table of Contents
Simpe root CA Server
Install CA.pl
yum install openssl-perl
Create CA
/etc/pki/tls/misc/CA.pl -newca
Create CSR and sign
Create certificate sign request
/etc/pki/tls/misc/CA.pl -newreq
Create sign request
/etc/pki/tls/misc/CA.pl -signreq
Create a PKCS#12 file containing signed certificate and private key
/etc/pki/tls/misc/CA.pl -pkcs12 "My Test Certificate"
Extract key and certificate
openssl pkcs12 -nocerts -in mycert.p12 -out userkey.pem openssl pkcs12 -clcerts -nokeys -in mycert.p12 -out usercert.pem
Install CA root certificate on client
openssl x509 -in cacert.pem -out cacert.crt cp cacert.crt /etc/pki/ca-trust/source/anchors/ update-ca-trust
Verify
openssl verify -purpose sslserver -CAfile /etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt client.crt
simple_root_ca_centos_6.5.1402403218.txt.gz · Last modified: 2014/06/10 12:26 by admin