Categories:
Android (13)
Apple Mac (27)
DH Keys (39)
DSA Keys (71)
EC Keys (2157)
Firefox (30)
General (10)
Google Chrome (25)
Intermediate CA (152)
Java VM (29)
JDK Keytool (28)
Microsoft CertUtil (29)
Microsoft Edge (9)
Mozilla CertUtil (21)
OpenSSL (236)
Other (7)
Portecle (38)
Publishers (6123)
Revoked Certificates (16)
Root CA (85)
RSA Keys (5000)
Tools (46)
Tutorial (1)
What Is (22)
Windows (127)
Collections:
Other Resources:
OpenSSL "ca" - Sign CSR with CA Certificate
How to sign a CSR with my CA certificate and private key using OpenSSL "ca" command? I think my configuration file has all the settings for the "ca" command.
✍: FYIcenter.com
If you have you configuration file ready and all the required directories and files
created, you can sign a CSR with your CA certificate and private key using the OpenSSL "ca"
command as shown below:
C:\Users\fyicenter>\local\OpenSSL-Win32\bin\openssl.exe OpenSSL> ca -in test.csr -keyfile my_ca.key -cert my_ca.crt -out test.crt -policy policy_anything Using configuration from C:\local\OpenSSL-Win32\bin\openssl.cfg Enter pass phrase for my_ca.key:fyicenter Check that the request matches the signature Signature ok Certificate Details: Serial Number: 4096 (0x1000) Validity Not Before: Jul 31 23:50:36 2016 GMT Not After : Jul 31 23:50:36 2017 GMT Subject: countryName = US stateOrProvinceName = NY localityName = NY organizationName = FYIcenter.com commonName = www.fyicenter.com emailAddress = joe@fyicenter.com X509v3 extensions: X509v3 Basic Constraints: CA:FALSE Netscape Comment: OpenSSL Generated Certificate X509v3 Subject Key Identifier: 0A:2B:BE:16:1A:2D:74:E0:F4:A1:B4:9C:44:E1:B4:73:92:91:68:C2 X509v3 Authority Key Identifier: keyid:7E:2F:80:3A:74:C8:4C:04:15:66:C6:B0:D3:47:D5:DE:D4:71:4A:FF Certificate is to be certified until Jul 31 23:50:36 2017 GMT (365 days) Sign the certificate? [y/n]:y 1 out of 1 certificate requests certified, commit? [y/n]y Write out database with 1 new entries Data Base Updated
Notes about this test:
⇒ OpenSSL "ca" - Track CSR Signing History
⇐ OpenSSL "ca" Error "stateOrProvinceName field needed to be the same"
2016-09-13, 2084👍, 0💬
Popular Posts:
How to add a trusted CA (Certificate Authority) certificate into Java default keystore on Windows? M...
Certificate summary - Owner: *.pantherssl.com, CDNetworks Inc., L=San Jose, ST=California, US Issuer...
What is the OpenSSL CSR file structure and components? By default, CSR (Certificate Signing Request)...
Certificate Summary: Subject: VeriSign Class 3 International Server CA - G3 Issuer: VeriSign Class 3...
Certificate summary - Owner: thawte DV SSL CA - G2, Domain Validated SSL, "thawte, Inc.", US Issuer:...