Difference between revisions of "Openssl without openssl.cnf"
Jump to navigation
Jump to search
| Line 2: | Line 2: | ||
- https://serverfault.com/questions/571910/how-to-add-extended-key-usage-string-when-generating-a-self-signed-certificate-u | - https://serverfault.com/questions/571910/how-to-add-extended-key-usage-string-when-generating-a-self-signed-certificate-u | ||
| + | # Without | ||
https://stackoverflow.com/questions/36920558/is-there-anyway-to-specify-basicconstraints-for-openssl-cert-via-command-line | https://stackoverflow.com/questions/36920558/is-there-anyway-to-specify-basicconstraints-for-openssl-cert-via-command-line | ||
Latest revision as of 21:11, 10 November 2023
With but simple
Without
DAYS='240'
SUBJECT='/CN=example.com/O=Example Co./OU=Engineering/L=Boston/ST=MA/C=US'
SERIAL='0x1001'
openssl req \
-addext basicConstraints=critical,CA:TRUE,pathlen:1 \
-outform pem -out cacert.pem \
-key privkey.pem -new -x509 \
-days "${DAYS}" \
-subj "${SUBJECT}" \
-set_serial "${SERIAL}"
-CAcreateserial
serial