| 123456789101112131415161718192021 |
- Testing x509 certs for etcd
- The passphrases for the keys are `asdf`.
- # Make the CA cert
- openssl genrsa -des3 -out ca.key 4096
- openssl req -new -x509 -days 365 -key ca.key -out ca.crt -config openssl.cnf -extensions v3_ca
- # Make server cert and signing request
- openssl genrsa -des3 -out server.key 4096
- openssl req -new -key server.key -out server.csr -config openssl.cnf
- # Sign the server csr and generate a crt
- openssl x509 -req -days 365 -in server.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out server.crt -extfile openssl.cnf -extensions v3_req
- # Output unencrypted server key
- openssl rsa -in server.key -out server.key.insecure
- # Output "raw" public key from server crt
- openssl x509 -pubkey -noout -in server.crt > server.pub
|
