HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Technical (http://www.howtoforge.com/forums/forumdisplay.php?f=8)
-   -   Openssl Question (http://www.howtoforge.com/forums/showthread.php?t=56453)

ppawcio 6th March 2012 15:58

Openssl Question
 
A user sent me a .csr file and we have openssl installed. How can I create a certificate in openssl from the .csr file?

ppawcio 6th March 2012 17:13

I should post more info, I created the original certificate using these commands:

mkdir /usr/share/ssl/certs/hostname.domain.com
cd /usr/share/ssl/certs/hostname.domain.com
(umask 077 && touch host.key host.cert host.info host.pem)
openssl genrsa 2048 > host.key
openssl req -new -x509 -nodes -sha1 -days 3650 -key host.key > host.cert
...[enter *.domain.com for the Common Name]...
openssl x509 -noout -fingerprint -text < host.cert > host.info
cat host.cert host.key > host.pem
chmod 400 host.key host.pem

So if I want to renew, can i use these commands?

openssl req -new -x509 -nodes -sha1 -days 4650 -key host.key > host.cert
...[enter *.domain.com for the Common Name]...
openssl x509 -noout -fingerprint -text < host.cert > host.info
cat host.cert host.key > host.pem
chmod 400 host.key host.pem

falko 7th March 2012 17:50

You must take the CSR and go to a CA which then creates a trusted cert from it. If you don't care about browser warnings, you can use your self-signed cert.


All times are GMT +2. The time now is 12:23.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.