Created
October 23, 2020 11:52
-
-
Save Koriit/b877406f5eead0b6dce5295785f92444 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
CA | |
openssl genrsa -aes256 -out rootCA.key 4096 | |
openssl req -x509 -new -nodes -key rootCA.key -sha256 -days 3650 -out rootCA.crt | |
truststore.jks | |
keytool -keystore truststore.jks -alias rootca -import -file rootCA.crt | |
openssl signing | |
openssl genrsa -aes256 -out server.key 2048 | |
openssl req -new -key server.key -out server.csr | |
openssl x509 -req -in server.csr -CA rootCA.crt -CAkey rootCA.key -CAcreateserial -days 3650 -sha256 -out server.crt | |
or (if serial file exists) | |
openssl x509 -req -in server.csr -CA rootCA.crt -CAkey rootCA.key -CAserial rootCA.srl -days 3650 -out server.crt | |
keytool signing + keystore.jks | |
keytool -genkey -alias server -keyalg RSA -keystore server_keystore.jks -keysize 2048 | |
keytool -keystore server_keystore.jks -alias server -certreq -file server.csr | |
openssl x509 -req -in server.csr -CA rootCA.crt -CAkey rootCA.key -CAcreateserial -days 3650 -sha256 -out server.crt | |
or (if serial file exists) | |
openssl x509 -req -in server.csr -CA rootCA.crt -CAkey rootCA.key -CAserial rootCA.srl -days 3650 -out server.crt | |
keytool -keystore server_keystore.jks -alias rootCA -import -file rootCA.crt | |
keytool -keystore server_keystore.jks -alias server -import -file server.crt |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment