Creating a chain of certificates

Posted by StackedCrooked on Super User See other posts from Super User or by StackedCrooked
Published on 2010-04-07T13:12:00Z Indexed on 2010/04/07 13:13 UTC
Read the original article Hit count: 326

Filed under:
|

This question is a follow up to my previous question, which was, in retrospect, not completely answered: http://superuser.com/questions/126121/how-to-create-my-own-certificate-chain.

I'll represent my certificate chain like this:

ROOT -> A -> B -> C -> ...

I am now able to create the ROOT and A certificates, but I didn't succeed in continueing the chain.

My command for creating the root certificate is:

openssl req -new -newkey rsa:1024 -nodes -out ca.csr -keyout ca.key
openssl x509 -trustout -signkey ca.key -days 365 -req -in ca.csr -out ca.pem

Certificate A:

openssl genrsa -out client.key 1024
openssl req -new -key client.key -out client.csr
openssl ca -in client.csr -out client.cer

This command depends on the root certificate implicitly using the data found in the openssl config file.

Certificate B will only rely on A, so the previous command won't work here.

How can I complete the chain?

© Super User or respective owner

Related posts about certificate

Related posts about ssl