Created
July 18, 2021 19:20
-
-
Save georgechang/a8d0592bdb839f2cdb4bf3f0045e91d8 to your computer and use it in GitHub Desktop.
Create client cert with openssl
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # create new client key | |
| openssl genrsa -out dhclient.key 2048 | |
| # create CSR from key | |
| openssl req -new -key .\client.key -out client.csr | |
| # create .key file from cert | |
| openssl pkcs12 -in cert.p12 -nocerts -out cert.key -nodes | |
| # create .pem file from cert | |
| openssl pkcs12 -in cert.p12 -nokeys -clcerts -out cert.pem | |
| # fulfill CSR | |
| openssl x509 -req -in client.csr -CA cert.pem -CAkey cert.key -CAcreateserial -out client.pem -extfile client.ext -days 365 -sha256 | |
| # convert back into .p12 | |
| openssl pkcs12 -export -inkey client.key -in client.pem -out client.p12 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment