From f79ee0e3999dfd04af306aced213f20b7f8e0904 Mon Sep 17 00:00:00 2001
From: Jakob Odersky <jodersky@gmail.com>
Date: Wed, 22 Apr 2015 15:06:49 +0200
Subject: initial commit

---
 ssl/manual-procedure.txt | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)
 create mode 100644 ssl/manual-procedure.txt

(limited to 'ssl/manual-procedure.txt')

diff --git a/ssl/manual-procedure.txt b/ssl/manual-procedure.txt
new file mode 100644
index 0000000..a0d0c55
--- /dev/null
+++ b/ssl/manual-procedure.txt
@@ -0,0 +1,25 @@
+Root certificate
+================
+
+1) generate private key
+openssl genpkey -algorithm RSA -out root.key.pem -pkeyopt rsa_keygen_bits:4096 -aes-256-cbc
+
+2) create root certificate signing request
+openssl req -new -key root.key.pem -out root.req.pem
+
+3) self-sign root certificate request
+openssl x509 -req -in root.req.pem -extfile openssl.cnf -extensions v3_ca -days 3650 -signkey root.key.pem -out root.cert.pem
+        
+
+Server certificate
+==================
+
+1) generate private key, same procedure as root
+
+2) create certificate signing request
+openssl req -new -key server.key.pem -out server.req.pem
+
+3) sign certificate
+openssl x509 -req -in server.req.pem -extfile openssl.cnf -extensions v3_usr -CA root.cert.pem -CAkey root.key.pem -CAcreateserial
+
+
-- 
cgit v1.2.3