Ref. https://www.learn2crack.com/2014/02/create-ssl-certificate-openssl.html
OpenSSL is an open-source implementation of the SSL and TLS protocols. OpenSSL can be used to create your own Self Signed SSL certificates which can be used with your website. In this tutorial we are going to show you how to create a SSL certificate in Ubuntu. Here I am using Ubuntu Linux 13.10 distribution.
Steps to create a Self-Signed SSL Certificate
1.OpenSSL is pre installed in almost all Linux distributions. Check OpenSSL is installed by typing the command.
openssl version
It will show you present openssl version. If OpenSSL is not present install it using the command
sudo apt-get install openssl
2. Now enter into the Terminal as root by typing
sudo -su
Then type your password.
3. In this step we are going to create a private key with a password. Type the command
openssl genrsa -des3 -out learn2crack.key 1024
It will ask for a pass phrase. Enter a passphrase to continue. If you need 2048 bit encryption replace 1024 with 2048. Here I have created the key as learn2crack.key , Use your prefered name for the key.
4. Next step is to create a CSR which is Certificate Signing Request. Enter the command to create CSR
openssl req -new -key learn2crack.key -out learn2crack.csr
Enter the details required and finally you will find a .csr file in your directory.
5. This step is to sign your certificate. Enter the following command
openssl x509 -req -days 365 -in learn2crack.csr -signkey learn2crack.key -out learn2crack.crt
Here 365 is the number of days the certificate is valid for. Finally you will find a crt file which can be used with your website.
Creating PEM file
PEM is a container which contains both private key and Certificate Signing Request. Use the command to create PEM
cat learn2crack.key learn2crack.crt > learn2crack.pem
Creating pk8
pk8 is a file which contains the private key which can be useful when signing Android APK using SignAPK. Use the command to create pk8 file from PEM file
openssl pkcs8 -topk8 -outform DER -in learn2crack.pem -inform PEM -out key.pk8 -nocrypt
Note: Using Self Signed certificates with your website shows warning in browsers. Use it for your personal purpose. Any questions comment here.
'Security' 카테고리의 다른 글
Access Management with OpenID Connect 1.0 (0) | 2021.01.21 |
---|---|
OpenID Connect flow (0) | 2021.01.21 |
침입탐지시스템 분류(정리중..) (0) | 2014.12.11 |
정보 수집 ( Information Gathering ) (0) | 2014.05.01 |
SHA-512 계산(Computation) [이론 2편] (0) | 2014.04.09 |
댓글