Skip to content

Instantly share code, notes, and snippets.

@fkurz

fkurz/snippet--create-self-signed-private-key-and-certificate-signing-request-with-cfssl.md

Last active April 6, 2019 08:48
Show Gist options
  • Save fkurz/e2e9dd4d5e704596ca3ce314ae21c9f5 to your computer and use it in GitHub Desktop.
Save fkurz/e2e9dd4d5e704596ca3ce314ae21c9f5 to your computer and use it in GitHub Desktop.
Download ZIP
Snippet: Create a self-signed private key and certificate signing request with Cloudflare SLL (cfssl)
Raw
snippet--create-self-signed-private-key-and-certificate-signing-request-with-cfssl.md

Problem

Creating a certificate signing request with CloudFlare's cfssl tool.

Solution

1. Create a Certificate Signing Request JSON file

Minimally, you want to specify the hosts, CN, and key properties. For example:

cat <<EOF > csr.json
{
  "hosts": ["example.com"],
  "CN": "example.com",
  "key": {
    "algo": "ecdsa",
    "size": 256
  }
}
EOF

2. Create Private Key and Corresponding Certificate Signing Request

cfssl genkey -initca csr.json | cfssljson -bare example

Note: We are using the name example for the output files.

The command pipe in the step above produces the output files

  • example.csr (certificate signing request)
  • example-key.pem (private key)
  • example.pem (certificate)

Notes

An installation guide for cfssl and additional information can be found on the project's Github page.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment