openssl/ca/create,sign

2019-08-24 16:20:06 +02:00 · 2019-08-24 16:20:06 +02:00 · 5e965826e3
commit 5e965826e3
parent 89ae174833
4 changed files with 41 additions and 34 deletions
--- a/in/public/openssl/ca/create.rst
+++ b/in/public/openssl/ca/create.rst
@ -0,0 +1,80 @@
+Create
+======
+
+init
+----
+
+.. code:: shell
+
+  rm --force --recursive "demoCA"
+  mkdir --parents "demoCA/newcerts"
+  echo -n "" > "demoCA/index.txt"
+  echo "00" > "demoCA/serial"
+
+request
+-------
+
+.. code:: shell
+
+  echo -n "\
+  US
+  Region / County (code)
+  City / Place
+  Decreasing / Hierarchy
+  Name
+  Name
+  alias@domain.tld
+  .
+  .
+  " \
+  | \
+  openssl \
+  req \
+  -new \
+  -key "name.pem" \
+  -out "name.csr" \
+  -utf8 \
+
+signature
+---------
+
+.. code:: shell
+
+  openssl \
+  ca \
+  -selfsign \
+  -in "name.csr" \
+  -keyfile "name.pem" \
+  -notext \
+  -out "name.crt" \
+  -startdate 20160801000000Z \
+  -enddate 20180801000000Z \
+  -batch \
+  -extensions "v3_ca" \
+
+----
+
+quick & dirty variant
+---------------------
+
+.. code:: shell
+
+  openssl \
+  ca \
+  -selfsign \
+  -keyfile "private_key.pem" \
+
+----
+
+dirtier certificate only variant
+--------------------------------
+
+.. code:: shell
+
+ openssl \
+ req \
+ -new \
+ -x509 \
+ -days 365 \
+ -key ca.key \
+ -out ca.crt