{"id":1600,"date":"2018-11-12T17:42:54","date_gmt":"2018-11-12T16:42:54","guid":{"rendered":"https:\/\/solidt.eu\/site\/?p=1600"},"modified":"2018-11-19T10:26:35","modified_gmt":"2018-11-19T09:26:35","slug":"generate-ssl-certificate-based-on-rootca","status":"publish","type":"post","link":"https:\/\/solidt.eu\/site\/generate-ssl-certificate-based-on-rootca\/","title":{"rendered":"Generate SSL certificate based on RootCA"},"content":{"rendered":"<pre class=\"lang:batch decode:true \" title=\"create-root-cert.bat\">set SSL=\"C:\\Program Files\\Git\\mingw64\\bin\\openssl.exe\"\r\n:: create rootCA key\r\n%SSL% req -x509 -days 3650 -newkey rsa:4096 -new -nodes -keyout gen\/rootCA.key -out gen\/rootCA.pem -subj \"\/C=NL\/ST=ZH\/O=MyOrganisation\/CN=MyRootCA\" -reqexts SAN -config rootCA.config<\/pre>\n<pre class=\"lang:ini decode:true\" title=\"rootCA.config\">[req]\r\ndistinguished_name  = req_distinguished_name\r\nreq_extensions      = san, v3_req\r\nextensions          = san\r\n\r\n[req_distinguished_name]\r\n\r\n[v3_req]\r\n# Extensions to add to a certificate request\r\nbasicConstraints = CA:FALSE\r\nkeyUsage = digitalSignature, keyEncipherment\r\nsubjectAltName = @alt_names\r\n\r\n[SAN]\r\nsubjectAltName=DNS:localhost<\/pre>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<pre class=\"lang:batch decode:true\" title=\"Create domain certificate\">set SSL=\"C:\\Program Files\\Git\\mingw64\\bin\\openssl.exe\"\r\n:: create domain key\r\n%SSL% req -x509 -days 3650 -newkey rsa:4096 -new -nodes -keyout gen\/domainC.key -out gen\/domainC.pem -subj \"\/C=NL\/ST=ZH\/O=MyOrganisation\/CN=localhost\" -reqexts SAN -config domainCert.config\r\n:: create a Certificate Signing Request (CSR)\r\n%SSL% req -new -key gen\/domainC.key -subj \"\/C=NL\/ST=ZH\/O=DNA Services B.V.\/CN=localhost\" -out gen\/domainC.csr\r\n:: sign domain key with root key as certificate\r\n%SSL% x509 -req -in gen\/domainC.csr -CA gen\/rootCA.pem -CAkey gen\/rootCA.key -CAcreateserial -out gen\/domainC.crt -sha256 -extfile v3.ext<\/pre>\n<pre class=\"lang:ini decode:true \" title=\"domainCert.config\">[req]\r\ndistinguished_name  = req_distinguished_name\r\nreq_extensions      = san, v3_req\r\nextensions          = san\r\n\r\n[req_distinguished_name]\r\n\r\n[v3_req]\r\n# Extensions to add to a certificate request\r\nbasicConstraints = CA:FALSE\r\nkeyUsage = digitalSignature, keyEncipherment\r\nsubjectAltName = @alt_names\r\n\r\n[SAN]\r\nsubjectAltName=DNS:localhost<\/pre>\n<p>&nbsp;<\/p>\n<pre class=\"lang:ini decode:true  \" title=\"v3.ext\">authorityKeyIdentifier=keyid,issuer\r\nbasicConstraints=CA:FALSE\r\nkeyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment\r\nsubjectAltName = @alt_names\r\n\r\n[alt_names]\r\nDNS.1 = localhost<\/pre>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>set SSL=&#8221;C:\\Program Files\\Git\\mingw64\\bin\\openssl.exe&#8221; :: create rootCA key %SSL% req -x509 -days 3650 -newkey rsa:4096 -new -nodes -keyout gen\/rootCA.key -out gen\/rootCA.pem -subj &#8220;\/C=NL\/ST=ZH\/O=MyOrganisation\/CN=MyRootCA&#8221; -reqexts SAN -config rootCA.config [req] distinguished_name = req_distinguished_name req_extensions = san, v3_req extensions = san [req_distinguished_name] [v3_req] # Extensions to add to a certificate request basicConstraints = CA:FALSE keyUsage = digitalSignature, keyEncipherment subjectAltName [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[8],"tags":[],"class_list":["post-1600","post","type-post","status-publish","format-standard","hentry","category-other-scripts"],"_links":{"self":[{"href":"https:\/\/solidt.eu\/site\/wp-json\/wp\/v2\/posts\/1600","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/solidt.eu\/site\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solidt.eu\/site\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solidt.eu\/site\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/solidt.eu\/site\/wp-json\/wp\/v2\/comments?post=1600"}],"version-history":[{"count":3,"href":"https:\/\/solidt.eu\/site\/wp-json\/wp\/v2\/posts\/1600\/revisions"}],"predecessor-version":[{"id":1621,"href":"https:\/\/solidt.eu\/site\/wp-json\/wp\/v2\/posts\/1600\/revisions\/1621"}],"wp:attachment":[{"href":"https:\/\/solidt.eu\/site\/wp-json\/wp\/v2\/media?parent=1600"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solidt.eu\/site\/wp-json\/wp\/v2\/categories?post=1600"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solidt.eu\/site\/wp-json\/wp\/v2\/tags?post=1600"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}