30 lines
998 B
Bash
30 lines
998 B
Bash
# delete crt and key file
|
|
rm *.crt
|
|
rm *.key
|
|
|
|
# Create CA private key and self-signed certificate
|
|
# adding -nodes to not encrypt the private key
|
|
openssl req -x509 -newkey rsa:4096 -nodes -days 365 -keyout ca.key -out ca.crt -subj "/C=TR/ST=ASIA/L=ISTANBUL/O=DEV/OU=TUTORIAL/CN=*.litmuschaos.io/emailAddress=litmuschaos@gmail.com"
|
|
|
|
echo "CA's self-signed certificate"
|
|
openssl x509 -in ca.crt -noout -text
|
|
|
|
# Create Web Server private key and CSR
|
|
# adding -nodes to not encrypt the private key
|
|
openssl req -newkey rsa:4096 -nodes -keyout tls.key -out server-req.pem -subj "/C=TR/ST=ASIA/L=ISTANBUL/O=DEV/OU=BLOG/CN=*.litmuschaos.io/emailAddress=litmuschaos@gmail.com"
|
|
|
|
# Sign the Web Server Certificate Request (CSR)
|
|
openssl x509 -req -in server-req.pem -CA ca.crt -CAkey ca.key -CAcreateserial -out tls.crt -extfile server-ext.conf
|
|
|
|
echo "Server's signed certificate"
|
|
openssl x509 -in tls.crt -noout -text
|
|
|
|
# Verify certificate
|
|
echo "Verifying certificate"
|
|
openssl verify -CAfile ca.crt tls.crt
|
|
|
|
|
|
|
|
|
|
|