5. Certificate and Private Key Examples
Below is an example of self-signed certificate and keys.
ca.crt is CA certificate
server.crt is the server certificate
server.key is server private key
client.crt is the client certificate
client.key is client private key
Don’t support private key with passphrase protected, e.g. don’t add “-des3” in step 3
and step 6
Openssl command example:
openssl genrsa -des3 -out ca.key 2048
openssl req -new -x509 -key ca.key -out ca.crt -days 3650 // generate CA certificate
openssl genrsa -out server.key 2048 // generate server private key
openssl req -new -key server.key -out server.csr
openssl x509 -req -days 3650 -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -
out server.crt // generate server certificate
openssl genrsa -out client.key 2048 // generate client private key
openssl req -new -key client.key -out client.csr
openssl x509 -req -days 3650 -in client.csr -CA ca.crt -CAkey ca.key -CAcreateserial -
out client.crt // generate client certificate
ca.crt example:
-----BEGIN CERTIFICATE-----
MIIDdzCCAl+gAwIBAgIJALSD+kQkX3FuMA0GCSqGSIb3DQEBCwUAMFIxCzAJBgNV
BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX
aWRnaXRzIFB0eSBMdGQxCzAJBgNVBAMMAmRkMB4XDTE5MDUwNTAzMDk0NloXDTIw
MDUwNDAzMDk0NlowUjELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx
To Next Page
Loading...
