Cert Authority Lab Prep - Hsanokklis/2023-2024-Tech-journal GitHub Wiki
Lab Prep for configuring a certificate authority.
To start, we need to make sure we fully understand the principles behind Certificate Authorities.
How CA's work with TLS
- CA has a Private/Public Key Pair
- Client has a copy of the Public key in a CA list
- Server has it's Certificate signed by CA's private key
- Client knows that Server Certificate is valid by checking the signature with the CA public key.
Steps to setting up a CA
- Create a private CA
- generate a private key for the client
- generate root certificate with private key
- Issue server certificate using the private key
- Generate a private key for the server
- Generate Certificate signing request(CSR) using private key
- Create certificate with Subject Alternative Name (SAN)
- Verify the server certificate
- Configure certificate on the server
- Add Private Certificate to the trust store so that the browser trusts the certificates