PKI Certificate Tutorials - Herong's Tutorial Examples - v1.12, by Herong Yang
"openssl ca" - CA (Certificate Authority) Tool
This chapter provides a quick introduction of the 'openssl ca' command, which can be used as CA (Certificate Authority) tool. Topics include OpenSSL configuration file, openssl.cnf; setting up root CA and intermediate CA environments; signing CSRs into certificates; adding x509v3 extensions in CSR and certificate adding domain names and IP addresses in 'subjectAltName' extension.
These sections are omitted from this Web preview version. To view the full content, see information on how to obtain the full version this book.
"openssl ca" - CA Signing Certificate
openssl.cnf - OpenSSL Configuration File
Use "openssl ca" as Root CA
Add "keyUsage" into Root CA
Use "openssl ca" as Intermediate CA
Create Web Server Certificate
OpenSSL CA Database Files
"openssl.cnf" Example and Usages
Takeaways:
Table of Contents
Introduction of PKI (Public Key Infrastructure)
Introduction of PKI Certificate
OpenSSL - Cryptography Toolkit
►"openssl ca" - CA (Certificate Authority) Tool
Java "keytool" Commands and KeyStore Files
PKCS12 Certificate Bundle File