Kmaiti

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Saturday, 31 December 2011

How to locally generate CA certificate and server - client certificate using CA on linux ?

Posted on 22:55 by Unknown
Creating certification authority :

$cd /etc/newcerts
$openssl genrsa 2048 > ca-key.pem
$openssl req -new -x509 -nodes -days 1000 -key ca-key.pem > ca-cert.pem

NOTE: Last command will ask for details of certificate provider. So, provide short names

Creating certificate for server using above CA certificate :

$openssl req -newkey rsa:2048 -days 1000 -nodes -keyout server-key.pem > server-req.pem
$openssl x509 -req -in server-req.pem -days 1000 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > server-cert.pem

NOTE: First command may ask for a password. Don't provide it. Just press enter key for two times.

Creating certificate for client using above CA certificate(similar like server) :

$openssl req -newkey rsa:2048 -days 1000 -nodes -keyout client-key.pem > client-req.pem .
$openssl x509 -req -in client-req.pem -days 1000 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > client-cert.pem

NOTE : Provide details of client owner who will contact server. Short names may be same

Now client will contact to server using client-cert.pem and server will consult it its server-cert.pem and approve encryption.

Note that I have used same CA to generate cert for server as well as for client.
Email ThisBlogThis!Share to XShare to FacebookShare to Pinterest
Posted in | No comments
Newer Post Older Post Home

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • [a fatal error or timeout occurred while processing this directive] + cpanel
    Guys, Just check the cpanel log file and you'll get the clue from there. I got following messages : execute : tail -f /usr/local/cpanel/...
  • How to verify UDP packet communication between two linux system?
    Guys, Today, I had to check UDP packet communication between linux and a windows system. Main purpose of the windows system was to capturing...
  • How do I determine if my x86-compatible Intel system is multi-processor, multi-core or supports hyperthreading?
    Guys, We need to know about multi-processor, multi-core or supports hyperthreading. Here are the details : Physical ID (Physical processor o...
  • NDMP communication failure error
    Guys, Issue : Netbackup server sends alert NDMP communication failure once everyday. But there is no issue to run scheduled backup jobs. Env...
  • How to store sftp log messages in custom file on RHEL 6?
    How to setup chrooted sftp account on RHEL 6? $groupadd sftponly $$useradd user123 $usermod -d /myhome -g sftponly -s /bin/false user123 $mk...
  • configure: error: This c-client library is built with Kerberos support
    Guys, I got the error message during executing easyapache. I have manually recompiled the php on cpanel server. Here is the script that I ha...
  • New posts are coming soon..
    Hi Guys, It's been a long time I didn't post any article or issue here. There were few transitions in my career and I was bit busy. ...
  • WHM + http showing failed ?
    Guys, Please check the log of the apache server like : 1. tail -f /usr/local/apache/logs/error_log 2. check the http port in /usr/local/apac...
  • How to enable php in apache on RHEL ?
    1. In order to enable php engine in apache, you should make sure php is installed in the system first. Then refer following steps : locate l...
  • How to access the webalizer from the outside of the cpanel?
    Guys, I don't want to post this type of article since you'll get it from the Google. But still I did. I followed following steps : E...

Categories

  • ACL
  • ESX
  • Linux
  • Storage
  • UCS

Blog Archive

  • ►  2013 (5)
    • ►  May (1)
    • ►  April (3)
    • ►  February (1)
  • ►  2012 (10)
    • ►  July (1)
    • ►  June (1)
    • ►  April (1)
    • ►  March (3)
    • ►  February (3)
    • ►  January (1)
  • ▼  2011 (86)
    • ▼  December (3)
      • How to locally generate CA certificate and server ...
      • How to install mysql and configure SSL with it?
      • How to generate UDP packets and capture them?
    • ►  November (2)
    • ►  September (19)
    • ►  August (9)
    • ►  July (5)
    • ►  June (9)
    • ►  May (12)
    • ►  April (3)
    • ►  March (4)
    • ►  February (5)
    • ►  January (15)
  • ►  2010 (152)
    • ►  December (9)
    • ►  November (34)
    • ►  October (20)
    • ►  September (14)
    • ►  August (24)
    • ►  July (19)
    • ►  June (3)
    • ►  May (25)
    • ►  April (3)
    • ►  January (1)
Powered by Blogger.