Skip to content

Instantly share code, notes, and snippets.

@euikook

euikook/self-signed-certificates-with-certificate-authority.md

Last active October 10, 2018 07:33
Show Gist options
  • Save euikook/2ac437f8fc514231568df9085125d235 to your computer and use it in GitHub Desktop.
Save euikook/2ac437f8fc514231568df9085125d235 to your computer and use it in GitHub Desktop.
Download ZIP
How to self-signed certificate with certificate authority
Raw
self-signed-certificates-with-certificate-authority.md 
openssl genrsa -out ca.key 4096

openssl req -new -x509 -days 365 -key ca.key \
-subj "/C=KR/ST=Daejeon/L=Yuseong-gu/O=Foo Inc./CN=Foo Certificate Autority/OU=www.foo.com" \
-out ca.crt

openssl req -newkey rsa:2048 -nodes -keyout cert.key \
-subj "/C=KR/ST=Daejeon/L=Yuseong-gu/O=Foo Inc./OU=Devops/CN=*.foo.com" \
-out cert.csr

openssl x509 -req -days 365 \
-CA ca.crt -CAkey ca.key -CAcreateserial \
-extfile <(printf "subjectAltName=DNS:foo.com,DNS:www.foo.com") \
-in cert.csr -out cert.crt
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment