Generating RSA private key, 4096 bit long modulus (2 primes) To generate a root CA certificate, we would need a private key: certs]# openssl genrsa -out orig-ca.key 4096 We can only generate a new CA certificate but when created using the existing key, it can be used to sign existing server certificates.įirst we need a root CA certificate for our demonstration. Technically a root CA certificate cannot be renewed once expired. Then we will intentionally expire our root CA certificate and generate a new CA certificate using the existing root CA key. Before we actually renew the root CA certificate, I will create a setup with a root CA certificate and server certificates.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |