casa-mp-base
Public
Source
xxxxxxxxxxorganizationalUnitName = Change This Surrogate Certificate Chain of Trust# Commands to create a surrogate TLS server certificate chain of trust################### CA################### CA encrypted key# openssl genrsa -aes256 -out private/ca.key.pem \# -passout file:private/passphrase.txt 4096# CA certificate# openssl req -config openssl.cnf \# -new -x509 -days 1460 -sha256 -extensions v3_ca -out ca.cert.pem \# -key private/ca.key.pem -passin file:private/passphrase.txt -batch# CA certificate text verification# openssl x509 -text -noout -in ca.cert.pem# CA certificate openssl self-verification# openssl verify -CAfile ca.cert.pem ca.cert.pem################### Intermediate CA################### Intermediate CA encrypted key# openssl genrsa -aes256 -out intermediate/private/intermediate.key.pem \# -passout file:intermediate/private/passphrase_intermediate.txt 4096# Intermediate CA CSR# openssl req -config intermediate/openssl_intermediate.cnf -new -sha256 \# -key intermediate/private/intermediate.key.pem \# -passin file:intermediate/private/passphrase_intermediate.txt -batch \# -out intermediate/intermediate.csr.pem# CA initialize database# sh -c 'echo 01 > serial'# touch index.txt# Intermediate CA certificate# openssl ca -config openssl.cnf \# -days 730 -notext -md sha256 -extensions v3_intermediate_ca \# -in intermediate/intermediate.csr.pem \# -out intermediate/intermediate.cert.pem# -passin file:private/passphrase.txt -batch# Intermediate CA chain# sh -c 'cat intermediate/intermediate.cert.pem ca.cert.pem \# > intermediate/ca-chain.cert.pem'# Intermediate CA certificate text verification# openssl x509 -text -noout -in intermediate/intermediate.cert.pem# Intermediate CA chain openssl self-verification# openssl verify -CAfile ca.cert.pem intermediate/ca-chain.cert.pem################### Client Certs################### Client certificate encrypted key# openssl genrsa -aes256 -out intermediate/private/www.example.com.key.pem \# -passout file:intermediate/private/passphrase_client.txt 4096