Installed openssl-0.9.7e onto FreeBSD 5.4
Can I use the same
myca.key file to create
alpha.crt and
beta.crt ?
Are there any implications I should be aware of in doing so, aside from not using a CA like Versign ?
We are thingking of using these keys for a productions website where:
https://alpha.domain.com
https://beta.domain.com
I took the following steps to create two separate openssl certificate files.
From bsd command prompt
# openssl dsaparam -rand -genkey -out myRSA.key 1024
Next, generate the CA key:
# openssl gendsa -des3 -out myca.key myRSA.key
# Enter PEM pass phrase: {spongebob} , enter
# confirm PEM pass phrase: {spongebob} , enter
Change permissions to *.key files
# chmod 400 myca.key
# chmod 400 myRSA.key
Use this key to create the certificate:
Two certificates required, one for (alpha) and one for (beta)
Generate alpha.crt
# openssl req -new -x509 -days 1095 -key myca.key -out alpha.crt
# Enter pass phrase for myca.key: {spongebob}
# Country Name (2 letter code) [AU]: US
# State or Providence Name (Full Name) [some-state]: some-state
# Locality Name (eg, city) [ ] : city
# Organizational Name (eg, company) [ ] : Acme Corp
# Organizational Unit (eg, section) [ ] : Systems Administrator
# Common Name (eg, Your Name) [ ] : alpha.domain.com
# Email address [ ] :
NOC@domain.com
Generate beta.crt
# openssl req -new -x509 -days 1095 -key myca.key -out beta.crt
# Enter pass phrase for myca.key: {spongebob}
# Country Name (2 letter code) [AU]: US
# State or Providence Name (Full Name) [some-state]: some-state
# Locality Name (eg, city) [ ] : city
# Organizational Name (eg, company) [ ] : Acme Corp
# Organizational Unit (eg, section) [ ] : Systems Administrator
# Common Name (eg, Your Name) [ ] : beta.domain.com
# Email address [ ] :
NOC@domain.com
# chmod 400 alpha.crt
# chmod 400 beta.crt
Thanks