procedures:internal_ca
**Ceci est une ancienne révision du document !**
CA - Interne
Root CA
openssl genrsa -aes256 -out rootCA.key 4096 openssl req -x509 -new -nodes -key rootCA.key -sha512 -days 3650 -out rootCA.crt
Country Name (2 letter code) [AU]:FR State or Province Name (full name) [Some-State]:Ille-et-Vilaine Locality Name (eg, city) []:Rennes Organization Name (eg, company) [Internet Widgits Pty Ltd]:GRIFON Organizational Unit Name (eg, section) []: Common Name (e.g. server FQDN or YOUR name) []:ca.grif Email Address []:contact@grifon.fr
C = FR, ST = Ille-et-Vilaine, L = Rennes, O = GRIFON, CN = ca.grif, emailAddress = contact@grifon.fr
Client Cert
openssl genrsa -out mydomain.com.key 4096 openssl req -new -key mydomain.com.key -out mydomain.com.csr
ou en one line :
openssl req -new -sha256 -key mydomain.com.key -subj "/C=FR/ST=Ille-et-Vilaine/L=Rennes/O=GRIFON/CN=mydomain.com/emailAddress=contact@grifon.fr" -out mydomain.com.csr
verify csr :
openssl req -in mydomain.com.csr -noout -text
generate cert :
openssl x509 -req -in mydomain.com.csr -CA rootCA.crt -CAkey rootCA.key -CAcreateserial -out mydomain.com.crt -days 500 -sha256
verify cert :
openssl x509 -in mydomain.com.crt -text -noout
source : https://gist.github.com/fntlnz/cf14feb5a46b2eda428e000157447309
procedures/internal_ca.1675845183.txt.gz · Dernière modification : 2023/02/08 08:33 de gizmo