# create CA key
openssl genrsa -des3 -out ca.key 4096
# create CA request
openssl req -new -x509 -days 365 -key ca.key -out ca.crt
# create server key
openssl genrsa -des3 -out server.key 4096
# create server req
openssl req -new -key server.key -out server.csr
# sign server req
openssl x509 -req -days 365 -in server.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out server.crt
# create client key
openssl genrsa -des3 -out client.key 4096
# create terminal req
# Common Name (eg, YOUR name) []:5 (where 5 - is client id)
openssl req -new -key client.key -out client.csr
# sign terminal req
openssl x509 -req -days 365 -in client.csr -CA ca.crt -CAkey ca.key -set_serial 02 -out client.crt
# convert to der
openssl pkcs8 -topk8 -inform PEM -in client.key -outform DER -nocrypt -out client.der
# convert to pk12
openssl pkcs12 -export -in client.crt -inkey client.key -out client.p12 -name client
# Printout
openssl x509 -text < client.crt
# Printout key
openssl rsa -text < client.key
openssl genrsa -des3 -out ca.key 4096
# create CA request
openssl req -new -x509 -days 365 -key ca.key -out ca.crt
# create server key
openssl genrsa -des3 -out server.key 4096
# create server req
openssl req -new -key server.key -out server.csr
# sign server req
openssl x509 -req -days 365 -in server.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out server.crt
# create client key
openssl genrsa -des3 -out client.key 4096
# create terminal req
# Common Name (eg, YOUR name) []:5 (where 5 - is client id)
openssl req -new -key client.key -out client.csr
# sign terminal req
openssl x509 -req -days 365 -in client.csr -CA ca.crt -CAkey ca.key -set_serial 02 -out client.crt
# convert to der
openssl pkcs8 -topk8 -inform PEM -in client.key -outform DER -nocrypt -out client.der
# convert to pk12
openssl pkcs12 -export -in client.crt -inkey client.key -out client.p12 -name client
# Printout
openssl x509 -text < client.crt
# Printout key
openssl rsa -text < client.key
0 коммент.:
Отправить комментарий