Tuesday, June 23, 2009

Creating new server certificates with an existing CA

Creating new server certificates with an existing CA, using unencrypted server keys so you don't get prompted when apache starts:
openssl req -new -config openssl.cnf -nodes -keyout newkey.pem -out newreq.pem -days 1825
openssl ca -config openssl.cnf -policy policy_anything -out newcert.pem -infiles newreq.pem

No comments: