Scribd Logo
Upload

Welcome to Scribd!

  • Selfsign

    Uploaded by

    sarahisahotgirl17
    5 views2 pages
    This document provides steps to generate a self-signed SSL certificate in PEM format using the OpenSSL toolkit: 1. Generate a private key using AES256 encryption and store it in a file. 2. Generate a self-signed x509 certificate in PEM format using the private key and answering prompts for organization details. 3. Verify the final SSL certificate file that is generated.

    Original Description:

    How to sign your own OpenSSL certificate.

    Original Title

    selfsign

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document provides steps to generate a self-signed SSL certificate in PEM format using the OpenSSL toolkit: 1. Generate a private key using AES256 encryption and store it in a file. 2. Generate a self-signed x509 certificate in PEM format using the private key and answering prompts for organization details. 3. Verify the final SSL certificate file that is generated.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    5 views2 pages

    Selfsign

    Uploaded by

    sarahisahotgirl17
    This document provides steps to generate a self-signed SSL certificate in PEM format using the OpenSSL toolkit: 1. Generate a private key using AES256 encryption and store it in a file. 2. Generate a self-signed x509 certificate in PEM format using the private key and answering prompts for organization details. 3. Verify the final SSL certificate file that is generated.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 2

    12/17/23, 7:44 PM Generate a self-signed SSL certificate in PEM format using OpenSSL

    Generate a self-signed SSL certificate in PEM format using


    OpenSSL

    Article ID KB11255 Created 2008-04-01 Last Updated 2010-06-28

    Description
    Using the OpenSSL open source tools found commonly on UNIX operating systems such as Linux and Solaris, it
    is possible to generate a self-signed SSL certificate in PEM format.

    Symptoms
    Generate a self-signed SSL certificate without having a certificate issued by a Certificate Authority or CA.

    Solution
    The OpenSSL package must be installed on your operating system as a prerequisite for the steps below.

    Step #1: Generate a private key using AES256 and a passphrase; store the results in a filenamed "key.pem"

    Example:
    # openssl genrsa -aes256 -out key.pem
    Generating RSA private key, 512 bit long modulus
    ...............++++++++++++
    .....++++++++++++
    unable to write 'random state'
    e is 65537 (0x10001)
    Enter pass phrase for key.pem:
    Verifying - Enter pass phrase for key.pem:

    Step #2: Verify the private key generated in Step #1.

    # cat key.pem
    -----BEGIN RSA PRIVATE KEY-----
    Proc-Type: 4,ENCRYPTED
    DEK-Info: AES-256-CBC,7387154F31DA820FC1F2D9D9A73E2D77
    jE0wO5VusbQycWPLbfecu/vHG3eJSViI6Yj98Cje8/vY4m/GQwKdHsM9RNRa+saE
    bYkAzA6gSqTG7whu9jDdj2ypZjGuqm9JK9ULDsVe+QDk3W7QU2eV731K5VQzaO/q
    8s0jcK85GA+B77SCjjjcGDfsptOxuh2Njsru0Rb2HQQOqcEUMIGMHJXNffHQGC4l
    WpE2XGSXPEZl2sJb69KEnaNg+nHBHE5t176QGoK4SsRLjYX7t+eZ8YlhSiSvEtSn
    i0J2QAetoBBll/j1Y718BBCpk+khrRJ1Ho8JtXahSbZscsvTkilhBfe83nLn9SwP
    rHin+z16WBmvi9PJ9m4Rk7LVBRSCCPGqilX8PX55Z9tTfYHL2hUo6BZQ9Kv580v1
    19zmB1IPMUy5JWTUY/2DpDKEuhvuf52BEJhosjwTvws=
    -----END RSA PRIVATE KEY-----

    Step #3: Generate a self-signed SSL x509 certifcate in PEM format using our private key. Answer the prompts

    https://supportportal.juniper.net/s/article/Generate-a-self-signed-SSL-certificate-in-PEM-format-using-OpenSSL?language=en_US 1/2
    12/17/23, 7:44 PM Generate a self-signed SSL certificate in PEM format using OpenSSL

    with your company information where the certificate will be used.

    Example:
    # openssl req -new -x509 -key key.pem -out cert.pem -days 1095
    Enter pass phrase for key.pem:
    You are about to be asked to enter information that will be incorporated
    into your certificate request.
    What you are about to enter is what is called a Distinguished Name or a DN.
    There are quite a few fields but you can leave some blank
    For some fields there will be a default value,
    If you enter '.', the field will be left blank.
    -----
    Country Name (2 letter code) [AU]:
    State or Province Name (full name) [Some-State]:
    Locality Name (eg, city) []:
    Organization Name (eg, company) [Internet Widgits Pty Ltd]:
    Organizational Unit Name (eg, section) []:
    Common Name (eg, YOUR name) []:
    Email Address []:

    Step #4: Verify the final SSL certificate generated

    Example:
    # cat cert.pem
    -----BEGIN CERTIFICATE-----
    MIICKzCCAdWgAwIBAgIJAPuWUYM53croMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
    BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
    aWRnaXRzIFB0eSBMdGQwHhcNMDgwMTIyMjAzODQ1WhcNMTEwMTIxMjAzODQ1WjBF
    MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50
    ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANRF
    nSYHgtPznWEbhLulBps5+uD8FVSecMQc++5jlfO8XweDmu/aqytVNJcekT+cYAb/
    IYP+3t5odu39yrk4geMCAwEAAaOBpzCBpDAdBgNVHQ4EFgQUzTm8oxOBySWysvxL
    kEOaTx7XKXwwdQYDVR0jBG4wbIAUzTm8oxOBySWysvxLkEOaTx7XKXyhSaRHMEUx
    CzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRl
    cm5ldCBXaWRnaXRzIFB0eSBMdGSCCQD7llGDOd3K6DAMBgNVHRMEBTADAQH/MA0G
    CSqGSIb3DQEBBQUAA0EAOfWauvWMxFGsJjJJDjD8GEn22NaqkhjOEoKykSkURImm
    h0jGGbMD9Y0WAr7GL8SULKxsivBLwvF7Zw/bN4RiiQ==
    -----END CERTIFICATE-----

    AFFECTED PRODUCT SERIES / FEATURES

    https://supportportal.juniper.net/s/article/Generate-a-self-signed-SSL-certificate-in-PEM-format-using-OpenSSL?language=en_US 2/2

    You might also like