Differences

This shows you the differences between two versions of the page.

--- wiki:creating_ca_and_signing_server_and_client_certs_with_openssl [2022/07/15 15:01] – [Configuring your CA] add warning about absolute path antisa
+++ wiki:creating_ca_and_signing_server_and_client_certs_with_openssl [2022/10/24 16:46] – add commands to generate server and client key without passwords antisa
@@ Line 20: / Line 20: @@
 ===== Create the CA =====
-==== Create CA private key ====
+Generate CA private key with or without passphrase
+==== Create CA private key without passphrase ====
+  openssl genrsa -out rootCA.key 4096
+==== Create CA private key with passphrase ====
   openssl genrsa -des3 -passout pass:qwerty -out  private/rootCA.key 2048
-==== Remove passphrase ====
+==== Remove passphrase if needed ====
   openssl rsa -passin pass:qwerty -in private/rootCA.key -out private/rootCA.key
@@ Line 31: / Line 36: @@
 ===== Create a SSL Server certificate =====
-==== Create private key for the server ====
+==== Create private key for the server without passphrase ====
+  openssl genrsa -out private/server.key 2048
+==== Create private key for the server with passphrase ====
   openssl genrsa -des3 -passout pass:qwerty -out private/server.key 2048
@@ Line 46: / Line 55: @@
 ===== Create a SSL Client certificate =====
+==== Create private key for the client without passphrase ====
+  openssl genrsa -out private/client.key 2048
 ==== Create private key for a client ====
@@ Line 51: / Line 64: @@
 ==== Remove passphrase ====
   openssl rsa -passin pass:qwerty -in private/client.key -out private/client.key
@@ Line 68: / Line 81: @@
 ====== Tested on ======
-  * Ubuntu 18.04
+  * Ubuntu 18.04, 20.04.04
+  * stunnel
 ====== See also ======