Hi Dirk ,
Thanks for the reply .
These commands worked for me .
I have created a single key and and used it for ca-cert ,intermediate-cert
and server/client cert .
otherwise ,we can use separate keys and commands are like this :
openssl genrsa -des3 -out ca.key 1024
openssl req -new -x509 -days 3650 -key ca.key -out ca.crt
openssl x509 -in ca.crt -out ca.pem
openssl genrsa -des3 -out ca-int_encrypted.key 1024
openssl rsa -in ca-int_encrypted.key -out ca-int.key
openssl req -new -key ca-int.key -out ca-int.csr -subj "/CN=ca-...@acme.com"
openssl x509 -req -days 3650 -in ca-int.csr -CA ca.crt -CAkey ca.key
-set_serial 01 -out ca-int.crt
openssl genrsa -des3 -out server_encrypted.key 1024
openssl rsa -in server_encrypted.key -out server.key
openssl req -new -key server.key -out server.csr -subj "/CN=ser...@acme.com"
openssl x509 -req -days 3650 -in server.csr -CA ca-int.crt -CAkey ca-int.key
-set_serial 01 -out server.crt
--
View this message in context:
http://openssl.6102.n7.nabble.com/create-certificate-chain-tp44046p44215.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
