Using Openssl can be a tedious process, as it is all command line driven. Here are some example Openssl commands that are meant to be used in the Certificate Manager Context.
1: This command generates a self signed certificate that expires in 20 days, and has a key strength of 1024, and is created PEM ( Privacy Enhanced Certificate) format.
$ openssl req -x509 -nodes -days 20 -newkey rsa:1024 -keyout selfsign.pem -out selfsign.pem
2: This command shows you how to generate a certificate with a private Key using a passout command.
C:\OpenSSL\bin\openssl req -new -newkey rsa:1024 -config SSL.conf -subj "/DC=com/DC=venafi/CN=vedadmin.tmwang.com" -keyout admin.key -passout pass:foo123 -out admin.p10
3: Here is an example of the command without using the passout command. With openssl version 1.0.1c, you cannot use the "passout pass:foo123" argument, and have to enter the password in when you import the key into Certificate Manger.
C:\OpenSSL\bin\openssl req -new -newkey rsa:1024 -config SSL.conf -subj "/DC=com/DC=venafi/CN=vedadmin.tmwang.com" -keyout admin.key -out admin.p10