Tips-Of-Mine/Applications
2
0
Fork 0
Code Pull Requests Wiki Activity
Applications/Certificats Linux/02-Generation-Certificat-Server.sh
hcornet 0b373d31db update
2024-04-03 22:04:13 +02:00

21 lines
652 B
Bash
Raw Blame History

openssl genrsa -out key.pem 4096
openssl rep -subj "/CN=client" -new -key key.pem -out client.csr
cat > v3-client.cnf <<-EOF
authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
extendedKeyUsage = clientAuth
subjectAltName = @alt_names
[alt_names]
DNS.1=tips-of-mine.local
DNS.2=tips-of-mine
DNS.3=hostname
IP.1=127.0.0.1
IP.2=@IP
EOF
openssl x509 -req -days 365 -sha256 -in client.csr -CA ca.pem -CAkey ca-key.pem -CAcreateserial -out cert.pem -extfile v3-client.cnf
chmod -v 0400 ca-key.pem key.pem server-key.pem
chmod -v 0444 ca.pem server-cert.pem cert.pem
View Git Blame Copy Permalink