Create new x509 certificate: openssl req -x509 -newkey
Jump to navigation
Jump to search
Contents
Interactive creation[edit]
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 365
Non-interactive creation and 10 years expiration[edit]
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 3650 -nodes -subj "/C=XX/ST=StateName/L=CityName/O=CompanyName/OU=CompanySectionName/CN=CommonNameOrHostname" Generating a 4096 bit RSA private key .............................................................................++++ ...........................................................................................................................++++ writing new private key to 'key.pem'
file cert.pem cert.pem: PEM certificate file key.pem key.pem: ASCII text
Related[edit]
ssh-keygen
- Certificate Signing Request (CSR)
openssl req -x509 -newkey rsa:4096 -keyout myservice.key -out myservice.cert -days 365 -nodes -subj "/CN=myservice.example.com"
- kubectl create secret tls
See also[edit]
- CSR:
openssl req [ -x509 ]
- X.509, ASN.1,
openssl x509
,.pem, der
, PFX, PKCS, SAN,openssl x509, CSR
Advertising: