Generate Public, Private key and Certificates using openssl.
Generate Public, Private key and Certificates using openssl. Here’s some openssl commands from our discussion earlier about private/pubic keys. 1. Generate a private key openssl genrsa -out private.pem 2048 2. Create CSR - certificate signing request openssl req -new -key private.pem -out csr.pem 3. Create self signed certificate (sign with private key instead of CA) from the csr (1 year expiry) openssl x509 -req -days 365 -in csr.pem -signkey private.pem -sha256 -out cert.pem -outform PEM 4. Looks at details of certificate openssl x509 -in cert.pem -noout -text 5. Extract public key from certificate - to std out openssl x509 -in cert.pem -noout -pubkey 6. Extract public key from private key - to file openssl rsa -in private.pem -outform PEM -pubout -out public.pem 7. How to check if a certificate and csr matches with your private key Compare: openssl rsa -noout -modulus -in private.pem | openssl md5 openssl x509 -noout -modulus -in cert.pem | openssl md5 openssl req -noout -modulus -i