[root@rhel58-clone1 ~]# vi /etc/pki/tls/openssl.cnf
dir = /etc/pki/CA
certificate = $dir/CA.crt
set the directory up:
[root@rhel58-clone1 ~]# cd /etc/pki/CA
[root@rhel58-clone1 CA]# openssl genrsa -out private/CA.key 2048
[root@rhel58-clone1 CA]# chmod 600 private/CA.key
[root@rhel58-clone1 CA]# openssl req -new -x509 -key private/CA.key -days 365 -out CA.crt
[root@rhel58-clone1 CA]# mkdir newcerts; touch index; echo 01 > serial
check this example on how to sign certificate requsts
No comments:
Post a Comment