"openssl ca" - CA (Certificate Authority) Tool

This chapter provides a quick introduction of the 'openssl ca' command, which can be used as CA (Certificate Authority) tool. Topics include OpenSSL configuration file, openssl.cnf; setting up root CA and intermediate CA environments; signing CSRs into certificates; adding x509v3 extensions in CSR and certificate adding domain names and IP addresses in 'subjectAltName' extension.


These sections are omitted from this Web preview version. To view the full content, see information on how to obtain the full version this book.

"openssl ca" - CA Signing Certificate

openssl.cnf - OpenSSL Configuration File

Use "openssl ca" as Root CA

Add "keyUsage" into Root CA

Use "openssl ca" as Intermediate CA

Create Web Server Certificate

OpenSSL CA Database Files

"openssl.cnf" Example and Usages


Takeaways:

Table of Contents

 About This Book

 Introduction of PKI (Public Key Infrastructure)

 Introduction of PKI Certificate

 PKI Certificate File Formats

 OpenSSL - Cryptography Toolkit

"openssl ca" - CA (Certificate Authority) Tool

 Java "keytool" Commands and KeyStore Files

 PKI Certificate Store

 PKCS12 Certificate Bundle File

 PKCS7 Certificate Chain File

 PKI Certificate Related Terminology

 References

 Full Version in PDF/EPUB