Your own CentOS 7 SSL CA

Create your CA keys and install them.

mkdir ~/newca
cd ~/newca
openssl genrsa -des3 -out myCA.key 4096
openssl req -x509 -new -nodes -key myCA.key -sha256 -days 1825 -out myCA.pem
cp myCA.key /etc/pki/CA/private/cakey.pem
cp myCA.pem /etc/pki/CA/cacert.pem
touch /etc/pki/CA/index.txt
echo '1000' > /etc/pki/CA/serial

Create a certificate request and sign it.

openssl req -newkey rsa:2048 -nodes -keyout client.key -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=www.example.com" -out client.csr
openssl ca -in client.csr -days 1000 -out client-.pem

Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.