diff options
Diffstat (limited to 'crypto/openssl/doc/HOWTO/certificates.txt')
-rw-r--r-- | crypto/openssl/doc/HOWTO/certificates.txt | 12 |
1 files changed, 5 insertions, 7 deletions
diff --git a/crypto/openssl/doc/HOWTO/certificates.txt b/crypto/openssl/doc/HOWTO/certificates.txt index 82166e0..d3a6254 100644 --- a/crypto/openssl/doc/HOWTO/certificates.txt +++ b/crypto/openssl/doc/HOWTO/certificates.txt @@ -48,7 +48,7 @@ you have your own certificate authority, you may sign it yourself, or if you need a self-signed certificate (because you just want a test certificate or because you are setting up your own CA). -The certificate is created like this: +The certificate request is created like this: openssl req -new -key privkey.pem -out cert.csr @@ -71,13 +71,11 @@ received. If you don't want to deal with another certificate authority, or just want to create a test certificate for yourself, or are setting up a certificate authority of your own, you may want to make the requested -certificate a self-signed one. If you have created a certificate -request as shown above, you can sign it using the 'openssl x509' -command, for example like this (to create a self-signed CA -certificate): +certificate a self-signed one. This is similar to creating a +certificate request, but creates a certificate instead of a +certificate request (1095 is 3 years): - openssl x509 -req -in cert.csr -extfile openssl.cnf -extensions v3_ca \ - -signkey privkey.pem -out cacert.pem -trustout + openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095 5. What to do with the certificate |