Command to generate a private key
genrsa -des3 -out [CertRoot]/private/privateKey.pem 1024
Command to generate a private key for a self signed cert
genrsa -des3 -out [CertRoot]/private/cAPrivateKey.pem 1024
Command to create a private key for Bank-Link
genrsa -out [CertRoot]/private/banklinkPrivate.pem 1024
Commands to create self seigned cert
req -new -x509 -keyout [CertRoot]/private/cAPrivateKey.pem -out [CertRoot]/ca/CACert.pem -config [CertRoot]/openssl.cnf -days[days]
req -new -x509 -key [CertRoot]/private/cAPrivateKey.pem -out [CertRoot]/ca/CACert.pem -config [CertRoot]/openssl.cnf -days [days]
Command to create a certificate request
req -new -key [CertRoot]/private/privateKey.pem -out [CertRoot]/cert.csr
Command to sign a server certiciate request
x509 -req -in [CertRoot]/cert.csr -CA [CertRoot]/ca/CACert.pem -CAkey [CertRoot]/private/CAPrivateKey.pem -CAserial [CertRoot]/serial -out [CertRoot]/cert.pem -days [days]
ca -policy policy_anything -config [CertRoot]/openssl.cnf -cert [CertRoot]/ca/CACert.pem -keyfile [CertRoot]/private/CAPrivateKey.pem -in [CertRoot]/cert.csr -out [CertRoot]/cert.pem -days [days]
Command to convert a PKCS#12 file to .pem format
openssl pkcs12 -in banklink.pfx -out banklink.pem -nodes
See also - To install cert in IIS
http://www.dylanbeattie.net/docs/openssl_iis_ssl_howto.html
See also - Free SSL supported by browsers
https://cert.startcom.org/
No comments:
Post a Comment