Quote:
Originally Posted by stickman
Do you mean the cert generated from the CSR? Most applications using SSL require just the initial key and the matching cert to start.
|
In Openssl after a root CA has ben generated here are the following commands to create an intermediate CA;
as root
cd /export/certificate
mkdir (directory name)
cd (directory name)
cp /export/certificate/CA.pl .
./CA.pl –newca
/export/certificate/Somedirectory/ROOT_CA_CERT.pem
cd demoCA/private
cp /export/certificate/Somedirectory/ROOT_CA_KEY.pem
cp ROOT_CA_KEY.pem cakey.pem
chmod 775 cakey.pem
cd ..
chmod 775 cacert.pem
./CA.pl -newreq
Passphrase : Demo
Country: US
State: New York
City: Anytown
Some Corporation
some Generic Certificate Authority (usually a server)
Enter
Enter
./CA.pl –signCA
PassPhrase: Demo
newreq.pem is key with CSR request inside
newcert.pem is certificate