Difference between revisions of "Ca-certificates"
From Wiki at Neela Nurseries
m (add link to aboutssl.org) |
m (→^ Where To Store CA Certificates) |
||
| (2 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
CA Certificates | CA Certificates | ||
| − | == Overview == | + | == [[#top|^]] Overview == |
<i>stub section</i> | <i>stub section</i> | ||
| + | |||
Locate notes and refs here on CA cert creation and configuration. | Locate notes and refs here on CA cert creation and configuration. | ||
| Line 23: | Line 24: | ||
printf "[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth") | printf "[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth") | ||
</pre> | </pre> | ||
| + | |||
| + | And from LetsEncrypt tutorial: | ||
| + | |||
| + | <pre> | ||
| + | openssl req -x509 -out localhost.crt -keyout localhost.key \ | ||
| + | -newkey rsa:2048 -nodes -sha256 \ | ||
| + | -subj '/CN=localhost' -extensions EXT -config <( \ | ||
| + | printf "[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth") | ||
| + | </pre> | ||
| + | |||
| + | <!-- odne komentar --> | ||
| + | |||
| + | == [[#top|^]] Where To Store CA Certificates == | ||
| + | |||
| + | * https://ubuntu.com/server/docs/security-trust-store | ||
| + | |||
| + | It may be necessary to create a directory for CA certificates for localhost, per the instructions in this Stack Exchange forum post: | ||
| + | |||
| + | * https://stackoverflow.com/questions/25946170/how-can-i-install-ssl-on-localhost-in-ubuntu | ||
<!-- odne komentar --> | <!-- odne komentar --> | ||
Latest revision as of 14:19, 21 February 2024
CA Certificates
^ Overview
stub section
Locate notes and refs here on CA cert creation and configuration.
^ To Configure CA Certificates
Command at third reference seems much like cert generating command given at LetsEncrypt tutorial at first reference link:
openssl req -x509 -out localhost.crt -keyout localhost.key \ -newkey rsa:2048 -nodes -sha256 \ -subj '/CN=localhost' -extensions EXT -config <( \ printf "[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth")
And from LetsEncrypt tutorial:
openssl req -x509 -out localhost.crt -keyout localhost.key \ -newkey rsa:2048 -nodes -sha256 \ -subj '/CN=localhost' -extensions EXT -config <( \ printf "[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth")
^ Where To Store CA Certificates
It may be necessary to create a directory for CA certificates for localhost, per the instructions in this Stack Exchange forum post:
