Skip to content

Instantly share code, notes, and snippets.

View rahulremanan's full-sized avatar

Rahul Remanan rahulremanan

37 followers · 3 following
View GitHub Profile
@rahulremanan
rahulremanan / endpoint_server_cert--inspect.py
Created January 31, 2023 15:40
Inspect contents of the endpoint server certificate
!openssl x509 -noout -text \
-in /root/ca/user/user_server.cert.pem
@rahulremanan
rahulremanan / endpoint_server_cert--server_cert.py
Created January 31, 2023 15:35
Create the endpoint server certificate
!openssl ca -config /content/inter_ca_config.ini -passin pass:password\
-extensions server_cert -days 375 -notext -md sha256 \
-in /root/ca/user/user.csr \
-out /root/ca/user/user_server.cert.pem -batch
!chmod 444 /root/ca/user/user_server.cert.pem
@rahulremanan
rahulremanan / endpoint_server_cert--csr.py
Created January 31, 2023 15:31
Create certificate signing request
!openssl req -config /content/inter_ca_config.ini -passin pass:user1234\
-key /root/ca/user/user.key.pem\
-new -sha256 -out /root/ca/user/user.csr
@rahulremanan
rahulremanan / endpoint_server_cert--user_key.py
Created January 31, 2023 14:54
Generate the user key for the endpoint server certificate
!mkdir /root/ca/user
!openssl genrsa -aes256 -passout pass:user1234 \
-out /root/ca/user/user.key.pem 4096
!chmod 400 /root/ca/user/user.key.pem
@rahulremanan
rahulremanan / intermediate_ca--certificate_chain.py
Last active January 31, 2023 14:23
Create certificate chain
!cat /root/ca/intermediate/certs/inter.cert.pem \
/root/ca/certs/ca.cert.pem > /root/ca/intermediate/certs/ca-chain.cert.pem
!chmod 444 /root/ca/intermediate/certs/ca-chain.cert.pem
@rahulremanan
rahulremanan / inter_ca_config.ini
Last active December 31, 2022 10:56
Contents of the ```.ini``` file used for storing the intermediate certificate generation configuration
# OpenSSL intermediate CA configuration file.
# Copy to `/root/ca/intermediate/inter_ca_config.ini`.
[ ca ]
# `man ca`
default_ca = CA_default
[ CA_default ]
# Directory and file locations.
dir = /root/ca/intermediate
@rahulremanan
rahulremanan / intermediate_ca--permissions_and_verify.py
Last active January 31, 2023 14:23
Set OS access permissions and verify against the root certificate
!chmod 444 /root/ca/intermediate/certs/inter.cert.pem
!openssl x509 -noout -text \
-in /root/ca/intermediate/certs/inter.cert.pem | grep CA:
!openssl verify -CAfile /root/ca/certs/ca.cert.pem \
/root/ca/intermediate/certs/inter.cert.pem
@rahulremanan
rahulremanan / intermediate_ca--generate_inter_cert.py
Created December 31, 2022 10:26
Generate intermediate certificate
!cd /root/ca;\
openssl ca -config /content/root_ca_config.ini -passin pass:foobar\
-extensions v3_intermediate_ca \
-days 3650 -notext -md sha256 \
-in intermediate/csr/inter.csr \
-out intermediate/certs/inter.cert.pem -batch
@rahulremanan
rahulremanan / intermediate_ca--csr.py
Created December 31, 2022 10:23
Generate intermediate certificate signing request
!cd /root/ca;\
openssl req -config /content/inter_ca_config.ini -new -sha256 \
-key intermediate/private/inter.key.pem -passin pass:password \
-out intermediate/csr/inter.csr
@rahulremanan
rahulremanan / intermediate_ca--private_key.py
Created December 31, 2022 10:13
Generate private key for the intermediate certificate
!cd /root/ca;\
openssl genrsa -aes256 \
-passout pass:password \
-out intermediate/private/inter.key.pem 4096
!chmod 400 /root/ca/intermediate/private/inter.key.pem