Skip to content

Instantly share code, notes, and snippets.

@timhughes
Last active April 23, 2020 16:52
Show Gist options
  • Save timhughes/ac0653baf4d975d18666196e0012d5ff to your computer and use it in GitHub Desktop.
Save timhughes/ac0653baf4d975d18666196e0012d5ff to your computer and use it in GitHub Desktop.
Insecure Test Certificate Authority
# Create unencrypted ca
MYCN=$!
#openssl genrsa -des3 -out myCA.key 2048
openssl genrsa -out myCA.key 2048
openssl req -x509 -new -nodes -key myCA.key -sha256 -days 1 -out myCA.pem -subj "/C=GB/ST=INSECURE/L=INSECURE CA/O=INSECURE CA/CN=MY INSECURE CA/emailAddress=insecure@example.com"
openssl req -new -nodes -keyout ${MYCN}.key.pem -out ${MYCN}.csr -sha256 -days 1 -subj "/C=GB/ST=INSECURE/L=INSECURE CA/O=INSECURE CA/CN=${MYCN}" # -config /etc/pki/tls/openssl.cnf -extensions v3_req
openssl x509 -req -CAkey myCA.key -CA myCA.pem -CAcreateserial -sha256 -days 1 -in ${MYCN}.csr -out ${MYCN}.crt.pem # -extfile /etc/pki/tls/openssl.cnf -extensions v3_req
@timhughes
Copy link
Author

This is insecure , I use only in test vagrant virtual machines

cp myCA.pem /etc/pki/ca-trust/source/anchors/test.crt
update-ca-trust enable
update-ca-trust extract

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment