1

INFO: What are some helpful openssl commands that I can use with Certificate Manager

Applies to:

All versions:

Summary:

Using Openssl can be a tedious process, as it is all command line driven. Here are some example Openssl commands that are meant to be used in the Certificate Manager Context.

 

More Info:

 

1: This command generates a self signed certificate that expires in 20 days, and has a key strength of 1024, and is created PEM ( Privacy Enhanced Certificate) format. 

 

$ openssl req -x509 -nodes -days 20 -newkey rsa:1024 -keyout selfsign.pem -out selfsign.pem

 

2: This command shows you how to generate a certificate with a private Key using a passout command.

 

C:\OpenSSL\bin\openssl req -new -newkey rsa:1024 -config SSL.conf -subj "/DC=com/DC=venafi/CN=vedadmin.tmwang.com" -keyout admin.key -passout pass:foo123 -out admin.p10

 

3: Here is an example of the command without using the passout command.  With openssl version 1.0.1c,  you cannot use the  "passout pass:foo123" argument, and have to enter the password in when you import the key into Certificate Manger.  

 

C:\OpenSSL\bin\openssl req -new -newkey rsa:1024 -config SSL.conf -subj "/DC=com/DC=venafi/CN=vedadmin.tmwang.com" -keyout admin.key -out admin.p10

0 comments

Please sign in to leave a comment.