Generate a Self Signed Certificate - eric-holtzclaw/wazuh GitHub Wiki
#Source https://jamielinux.com/docs/openssl-certificate-authority/sign-server-and-client-certificates.html#create-a-key
#Make Root CA and Server + Keys
mkdir /root/ca
cd /root/ca
mkdir certs crl newcerts private
chmod 700 private
touch index.txt
echo 1000 > serial
#Make Root CA key
cd /root/ca
openssl genrsa -out private/ca.key.pem 4096
chmod 400 private/ca.key.pem
#Create root certificate
cd /root/ca
openssl req -config openssl.cnf
-key private/ca.key.pem
-new -x509 -days 7300 -sha256 -extensions v3_ca
-out certs/ca.cert.pem
#Verify Root certificate
openssl x509 -noout -text -in certs/ca.cert.pem
#Create the server Key
cd /root/ca
openssl genrsa \
-out intermediate/private/www.example.com.key.pem 2048
chmod 400 intermediate/private/www.example.com.key.pem
#Create a Certificate (CSR)
cd /root/ca
openssl req -config intermediate/openssl.cnf \
-key intermediate/private/www.example.com.key.pem \
-new -sha256 -out intermediate/csr/www.example.com.csr.pem
#Deploy Root CA + Certificate + key
ca-chain.cert.pem
www.example.com.key.pem
www.example.com.cert.pem