Generate your own private key and make sure none will ever get access to your private key:
If you need your public key outside of a certificate issue this command:
To generate a certificate request for your key:
Now you should send your certificate request ONLY to the certification authority; someone, on the other side will view your request:
and then will decide to sign your request sending a valid certificate
openssl genrsa -des3 -out private.key 2048If you need your public key outside of a certificate issue this command:
openssl rsa -in private.key -pubout -out public.keyTo generate a certificate request for your key:
openssl req -new -key private.key -out certificate.csrNow you should send your certificate request ONLY to the certification authority; someone, on the other side will view your request:
openssl req -text -noout -in certificate.csrand then will decide to sign your request sending a valid certificate
openssl x509 -days 365 -in certificate.csr -out certificate.crt -sha1 -CA ca.crt -CAkey ca.key -req -extfile user.ext
No comments:
Post a Comment