Rui CarmoNotes on managing SSL certificates
mkdir -p ~/Documents/Certificates/Domain cd ~/Documents/Certificates/Domain echo "01" > serial # serial number for certificates touch index.txt # list of issued certificates mkdir certs # certificates that have been "picked up" mkdir newcerts # certificates, not "picked up" mkdir crl # certificates that are revoked mkdir private # private keys etc. that go with certificates mkdir requests # filing place for requests # Generate CA certificate openssl req -new -x509 -days 1460 -keyout private/cakey.pem -out cacert.pem Generating a 1024 bit RSA private key ...............++++++ .............++++++ writing new private key to 'private/cakey.pem' Enter PEM pass phrase: Verifying - Enter PEM pass phrase: ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]:<enter your country> State or Province Name (full name) [Some-State]: <whatever> Locality Name (eg, city) []:<enter your city> Organization Name (eg, company) [Internet Widgits Pty Ltd]:<organization name> Organizational Unit Name (eg, section) []:<whatever> Common Name (eg, YOUR name) []:<preferrably the domain name> Email Address []:<whatever> #