Difference between revisions of "Ca-certificates"

From Wiki at Neela Nurseries
Jump to: navigation, search
m (add link to aboutssl.org)
m (^ Where To Store CA Certificates)
 
(2 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
CA Certificates
 
CA Certificates
  
== Overview ==
+
== [[#top|^]] Overview ==
 
<i>stub section</i>
 
<i>stub section</i>
 +
 
Locate notes and refs here on CA cert creation and configuration.
 
Locate notes and refs here on CA cert creation and configuration.
  
Line 23: Line 24:
 
printf "[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth")
 
printf "[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth")
 
</pre>
 
</pre>
 +
 +
And from LetsEncrypt tutorial:
 +
 +
<pre>
 +
openssl req -x509 -out localhost.crt -keyout localhost.key \
 +
  -newkey rsa:2048 -nodes -sha256 \
 +
  -subj '/CN=localhost' -extensions EXT -config <( \
 +
  printf "[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth")
 +
</pre>
 +
 +
<!-- odne komentar -->
 +
 +
== [[#top|^]] Where To Store CA Certificates ==
 +
 +
*  https://ubuntu.com/server/docs/security-trust-store
 +
 +
It may be necessary to create a directory for CA certificates for localhost, per the instructions in this Stack Exchange forum post:
 +
 +
*  https://stackoverflow.com/questions/25946170/how-can-i-install-ssl-on-localhost-in-ubuntu
  
 
<!-- odne komentar -->
 
<!-- odne komentar -->

Latest revision as of 14:19, 21 February 2024

CA Certificates

^ Overview

stub section

Locate notes and refs here on CA cert creation and configuration.


^ To Configure CA Certificates

Command at third reference seems much like cert generating command given at LetsEncrypt tutorial at first reference link:

openssl req -x509 -out localhost.crt -keyout localhost.key \
-newkey rsa:2048 -nodes -sha256 \
-subj '/CN=localhost' -extensions EXT -config <( \
printf "[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth")

And from LetsEncrypt tutorial:

openssl req -x509 -out localhost.crt -keyout localhost.key \
  -newkey rsa:2048 -nodes -sha256 \
  -subj '/CN=localhost' -extensions EXT -config <( \
   printf "[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth")


^ Where To Store CA Certificates

It may be necessary to create a directory for CA certificates for localhost, per the instructions in this Stack Exchange forum post: