OpenSSL cheat sheet: creating and signing certificates
We’ve all been in that situation where certificates were needed, and one needs to peek into the openssl man page (or Google for examples) in order to remember how it’s done.
To make our lives easier, here’s a cheat sheet:
(note): $1 is the name of the certificate you want to create/sign/revoke.
Environment
Create self-signed CA
Create certificate request
Sign certificate
Revoke certificate
Generate CRL
Inject CA and CRL into system (needed when issuing “openssl verify” commands)
Verify certificate (against CA and CRL, depending on whether the .0 and .r0 symlinks were created)