...
Code Block |
---|
language | bash |
---|
title | Example how to create CA Private Key and Certificate Signing Request using ECDSA encryption (Unix) |
---|
linenumbers | true |
---|
|
# Specify key name used for file names
ca_key_name=signing-ca
# Create Private Key
openssl ecparam -genkey -name secp384r1 -out ${ca_key_name}.key
# Create Certificate Signing Request
openssl req -new -sha512 -nodes \
-key ${ca_key_name}.key \
-out ${ca_key_name}.csr \
-subj "/C=DE/ST=Berlin/L=Berlin/O=SOS/OU=IT/CN=${ca_key_name}" |
...
Expand |
---|
title | Click to expand/collapse... |
---|
|
Code Block |
---|
language | bash |
---|
title | Example how to create Private Key and Certificate Signing Request using RSA encryption (Unix) |
---|
linenumbers | true |
---|
| # Specify key name used for file names
ca_key_name=signing-ca
# Create Private Key and Certificate Signing Request
openssl req -new -newkey rsa:4096 -sha256 -nodes \
-keyout ${ca_key_name}.key \
-out ${ca_key_name}.csr \
-subj "/C=DE/ST=Berlin/L=Berlin/O=SOS/OU=IT/CN=${ca_key_name}" |
Expand |
---|
| Code Block |
---|
language | text |
---|
title | Example how to create Private Key and Certificate Signing Request using RSA encryption (Windows) |
---|
linenumbers | true |
---|
| @rem Specify key name used for file names
set ca_key_name=signing-ca
@rem Create Private Key and Certificate Signing Request
openssl req -new -newkey rsa:4096 -sha256 -nodes ^
-keyout %ca_key_name%.key ^
-out %ca_key_name%.csr ^
-subj "/C=DE/ST=Berlin/L=Berlin/O=SOS/OU=IT/CN=%ca_key_name%" |
|
|
...
Anchor |
---|
| creating_ca_certificate |
---|
| creating_ca_certificate |
---|
|
Creating the CA Certificate
...
Code Block |
---|
language | bash |
---|
title | Example how to create CA Private Key and Certificate Signing Request using ECDSA encryption (Unix) |
---|
linenumbers | true |
---|
|
# Specify key name used for file names
key_name=signing
# Create Private Key
openssl ecparam -genkey -name secp384r1 -out ${key_name}.key
# Create Certificate Signing Request
openssl req -new -sha512 -nodes \
-key ${key_name}.key \
-out ${key_name}.csr \
-subj "/C=DE/ST=Berlin/L=Berlin/O=SOS/OU=IT/CN=${key_name}" |
...
Expand |
---|
|
Code Block |
---|
language | text |
---|
title | Example how to create Signing Certificate (UnixWindows) |
---|
linenumbers | true |
---|
| @rem Specify key name used for file names
set key_name=signing
@rem Create Certificate
set user_crt_tmp_file=user-crt-%RANDOM%.tmp
copy /Y NUL %user_crt_tmp_file%
echo basicConstraints=CA:TRUE >> %user_crt_tmp_file%
echo keyUsage=critical,nonRepudiation,digitalSignature >> %user_crt_tmp_file%
echo extendedKeyUsage=critical,codeSigning >> %user_crt_tmp_file%
openssl x509 -req -sha512 -days 3652 ^
-CA signing-ca.crt ^
-CAkey signing-ca.key ^
-CAcreateserial ^
-in %key_name%.csr ^
-out %key_name%.crt ^
-extfile %user_crt_tmp_file%
del /q %user_crt_tmp_file% |
|
...