wiki:creating_ca_and_signing_server_and_client_certs_with_openssl
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
wiki:creating_ca_and_signing_server_and_client_certs_with_openssl [2024/04/02 13:33] – [Create a SSL Client certificate] add Firefox tip box about using client certs antisa | wiki:creating_ca_and_signing_server_and_client_certs_with_openssl [2024/04/09 14:08] (current) – [Creating CA and signing server and client certs with openssl] add link to readme antisa | ||
---|---|---|---|
Line 1: | Line 1: | ||
- | {{tag> | + | {{tag> |
====== Creating CA and signing server and client certs with openssl ====== | ====== Creating CA and signing server and client certs with openssl ====== | ||
Can be used for anything that requires SSL certs, including stunnel certs. | Can be used for anything that requires SSL certs, including stunnel certs. | ||
For stunnel certs client cert should be concatenated to the CA server file (rootCA.crt below) on the stunnel server. | For stunnel certs client cert should be concatenated to the CA server file (rootCA.crt below) on the stunnel server. | ||
+ | |||
+ | Also see [[https:// | ||
===== Configuring your CA ===== | ===== Configuring your CA ===== | ||
Line 102: | Line 104: | ||
<WRAP center round tip 60%> | <WRAP center round tip 60%> | ||
- | To use the client | + | To use the client |
openssl pkcs12 -export -in certs/ | openssl pkcs12 -export -in certs/ | ||
Line 108: | Line 110: | ||
Then you can import it via Settings > Security > View certificates > Import. | Then you can import it via Settings > Security > View certificates > Import. | ||
Also the server config needs to be added, e.g. for nginx | Also the server config needs to be added, e.g. for nginx | ||
+ | server { | ||
... | ... | ||
ssl_verify_client on; | ssl_verify_client on; | ||
Line 235: | Line 238: | ||
* https:// | * https:// | ||
* https:// | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
wiki/creating_ca_and_signing_server_and_client_certs_with_openssl.1712057609.txt.gz · Last modified: 2024/04/02 13:33 by antisa