CA/Server Client Zertifikate erstellen

Aus Howtos und Gedankenstuetzen

Inhaltsverzeichnis

1 Ca erstellen
2 Server Zertifikat Schlüssel
3 Client Zertifikat Schlüssel
4 Diffie Hellman Parameter

Ca erstellen

openssl genrsa -aes256 -out conf/ca-key.pem 2048
openssl req -new -x509 -days 365 -key ca-key.pem -out ca.pem -set_serial 1
touch index.txt && echo "01" > serial

Server Zertifikat Schlüssel

openssl req -new -newkey rsa:2048 -out server.csr -keyout server.key -days 365
openssl x509 -req -in server.csr -out server.crt -CA ca.pem -CAkey ca-key.pem -CAcreateserial -CAserial ca.srl -set_serial 1

Client Zertifikat Schlüssel

openssl req -new -newkey rsa:2048 -out client1.csr -keyout client1.key -days 365
openssl x509 -req -in server.csr -out client1.crt -CA ca.pem -CAkey ca-key.pem -CAcreateserial -CAserial ca.srl -set_serial 1

Diffie Hellman Parameter

openssl dhparam -out dh2048.pem 2048

Von „http://wiki.chaosfield.org/index.php/CA/Server_Client_Zertifikate_erstellen“

Kategorien: SSL | Apache