OpenSSL Commands I Don't Want To Forget
I followed this guide https://pki-tutorial.readthedocs.io/en/latest/simple/index.html for setting up my public key infrastructure.
Some openssl commands I use semi-regularly that I don't want to forget.
Create a root certifcate: openssl req -new -config etc/root-ca.conf -out ca/root-ca.csr -keyout ca/root-ca/private/root-ca.key
Sign the root certificate (with itself): openssl ca -selfsign -config etc/root-ca.conf -in ca/root-ca.csr -out ca/root-ca.crt -extensions root_ca_ext
Create an CSR for the intermediate certificate: openssl req -new -config etc/signing-ca.conf -out ca/signing-ca.csr -keyout ca/signing-ca/private/signing-ca.key
Sign it with the root certificate: openssl ca -config etc/root-ca.conf -in ca/signing-ca.csr -out ca/signing-ca.crt -extensions signing_ca_ext
Create an SSL certificate: SAN=DNS:*.utopple.com openssl req -new -config etc/server.conf -out certs/utopple.com.csr -keyout certs/utopple.com.key
Sign it with the intermediate certificate: openssl ca -config etc/signing-ca.conf -in certs/utopple.com.csr -out certs/utopple.com.crt -extensions server_ext