Cert Workflow
Generate RSA Private Key
# generate private key
openssl genpkey \
-algorithm RSA \
-pkeyopt rsa_keygen_bits:2048 \
-pkeyopt rsa_keygen_pubexp:3 \
-out privkey-A.pemopenssl genrsa -out yourdomain.key 2048
# view content
openssl pkey \
-in privkey-A.pem \
-text \
-nooutopenssl rsa -text -in yourdomain.key -noout
# extract pub key
openssl pkey \
-in privkey-A.pem \
-pubout -out pubkey-A.pem
# view
openssl pkey \
-pubin -in pubkey-A.pem \
-text \
-nooutopenssl rsa -in yourdomain.key -pubout -out yourdomain_public.key
Generate CSR
openssl req \
-new \
-key yourdomain.key \
-out yourdomain.csr- With inline details
openssl req -new -key yourdomain.key -out yourdomain.csr \ -subj "/C=US/ST=Utah/L=Lehi/O=Your Company, Inc./OU=IT/CN=yourdomain.com"Private Key + CSR
openssl req -new \ -newkey rsa:2048 -nodes -keyout yourdomain.key \ -out yourdomain.csr \ -subj "/C=US/ST=Utah/L=Lehi/O=Your Company, Inc./OU=IT/CN=yourdomain.com"View Cert as Text
openssl x509 \
-in Alice.crt \
-text \
-nooutVerify
openssl verify \
-CAfile root.crt \
Bob.crtLast updated on