Creating a chain of certificates
Posted
by StackedCrooked
on Super User
See other posts from Super User
or by StackedCrooked
Published on 2010-04-07T13:12:00Z
Indexed on
2010/04/07
13:13 UTC
Read the original article
Hit count: 326
certificate
|ssl
This question is a follow up to my previous question, which was, in retrospect, not completely answered: http://superuser.com/questions/126121/how-to-create-my-own-certificate-chain.
I'll represent my certificate chain like this:
ROOT -> A -> B -> C -> ...
I am now able to create the ROOT and A certificates, but I didn't succeed in continueing the chain.
My command for creating the root certificate is:
openssl req -new -newkey rsa:1024 -nodes -out ca.csr -keyout ca.key
openssl x509 -trustout -signkey ca.key -days 365 -req -in ca.csr -out ca.pem
Certificate A:
openssl genrsa -out client.key 1024
openssl req -new -key client.key -out client.csr
openssl ca -in client.csr -out client.cer
This command depends on the root certificate implicitly using the data found in the openssl config file.
Certificate B will only rely on A, so the previous command won't work here.
How can I complete the chain?
© Super User or respective owner