Creating server and client certificates - sdurbin1/safe-rest GitHub Wiki

Create CA Certificate

openssl req -days 3650 -out ca.pem -new -x509 
# PEM pass phrase: enter a password. We used "password"
# Hit enter everywhere except:
# Country: US
# Organization Name: Organization
# Common Name: CA 

Create server key and certificate

openssl genrsa -out server.key

openssl req -key server.key -new -out server.req
# Hit enter everywhere except:
# Country: US
# Organization Name: Organization
# Common Name: localhost 

echo 1000 > ca.srl
openssl x509 -req -in server.req -CA ca.pem -CAkey privkey.pem -out server.pem -days 3650

Create client key and certificate

openssl genrsa -out client.key

openssl req -key client.key -new -out client.req -days 3650
# Hit enter everywhere except:
# Country: US
# Organization Name: Organization
# Common Name: client

openssl x509 -req -in client.req -CA ca.pem -CAkey privkey.pem -out client.pem -days 3650

Generate client .p12

openssl pkcs12 -export -out client.p12 -inkey client.key -in client.pem -certfile ca.pem