Skip to content

Instantly share code, notes, and snippets.

@Niemi
Last active February 3, 2016 16:47
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save Niemi/c65d732923975086b5f3 to your computer and use it in GitHub Desktop.
Save Niemi/c65d732923975086b5f3 to your computer and use it in GitHub Desktop.
#https://wiki.mozilla.org/SecurityEngineering/x509Certs (read it)
#openssl minimum version 1.0.1
export somedomainname="example.com"
#cat > openssl.ss.cnf << EOF
#basicConstraints = CA:FALSE
#subjectAltName =DNS:$somedomainname
#extendedKeyUsage =serverAuth
#EOF
#generate Elliptic Curve Cryptography Self Signed Key
openssl req -new -x509 -sha256 -nodes \
-newkey ec:<(openssl ecparam -name prime256v1) \
-keyout $somedomainname_prime256v1.key \
-out $somedomainname_prime256v1.crt -days 1110 -utf8 \
-subj '/C=CountryCode/ST=Counrty/L=City/O="Oranization $somedomainname"/OU="IT dept"/CN=www.$somedomainname/emailAddress=noreply@$somedomainname'
##
#generate RSA Cryptography Self Signed Key
openssl req -new -x509 -sha256 -nodes \
-newkey rsa:2048 \
-keyout $somedomainname_rsa2048.key \
-out $somedomainname_rsa2048.crt -days 1110 -utf8 \
-extensions v3_ca -extfile openssl.ss.cnf \
-subj /C=CountryCode/ST=Counrty/L=City/O="Oranization $somedomainname"/CN=www.$somedomainname/emailAddress=noreply@$somedomainname
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment