Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
B
B
borodka_lenina2015-11-11 17:39:46
OpenSSL
borodka_lenina, 2015-11-11 17:39:46

How to create a root-signed certificate using the -config option?

Hello. In general, step by step:
I generate a key:
openssl genrsa -out test.key 2048 -sha256
I create a csr using -config conf.ini (it contains domains in the [alt_names] section):
openssl x509 -req -in test.csr -CA rootCA .crt -CAkey rootCA.key -CAcreateserial -out test.crt -days 5000 -sha256
The certificate is created, but there is no alt_names in it. What am I doing wrong?
Ps if I create like this, then all domains are in place:
openssl req -x509 -nodes -newkey rsa:2048 -days 9999 -keyout test.key -out test.crt -config conf.ini, but such a certificate is not signed by the root.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
B
borodka_lenina, 2015-11-11
@borodka_lenina

In general, added the section
[ CA_default ]
# Directory and file locations.
dir = /ssl/
private_key = $dir/certs/rootCA.key
certificate = $dir/certs/rootCA.crt
policy = policy_loose
It seemed to help.

Similar questions
S
Scapior2017-07-31 21:38:49
Does Steam require a game to be digitally signed? 2Reply
L
link_irk2015-09-16 04:23:24
How to configure curl so that it supports GOST encryption? 2Reply
P
Pegas123452020-01-28 11:32:18
Openssl and Base64 what's wrong? 1Reply
V
Vanes Ri_Lax2017-11-20 07:54:44
Where can I get certificates for authorization through ESIA? 2Reply
K
korsamc2017-12-07 17:28:56
RSA 576 bit how to decrypt? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question