Openssl is a cryptographic library that can be used to generate digital certificates. In this blog, I will walk you through the process of creating a Root CA and signing the generated digital certificates with them. For a quick primer on digital certificates take a look at this article. To begin with lets generate a Root CA. This process will require generating a CA private key and a CA certificate. Generate a 4096 bit long RSA key for Root CA $ openssl genrsa -out rootCA.key 4096 Generating RSA private key, 4096 bit long modulus .........++ .............................++ e is 65537 (0x010001) Generate Root CA certificate $ openssl req -x509 -new -key rootCA.key -sha256 -days 1825 -out rootCA.crt You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default val...
My musings on Cloud, Networking and various technologies