How to create a self-signed Certificate

690 shaares
3 liens privés

690 shaares · 3 liens privés

Filtres

Liens par page

20 50 100

How to create a self-signed Certificate

To avoid java exception when connecting using IP

No subject alternative names present

Add the IP address in the certificate as a subjectAltName

[req]
default_bits  = 2048
distinguished_name = req_distinguished_name
req_extensions = req_ext
x509_extensions = v3_req
prompt = no

[req_distinguished_name]
countryName = XX
stateOrProvinceName = N/A
localityName = N/A
organizationName = MyCertificate
commonName = 10.0.10.2:MyCertificate

[req_ext]
subjectAltName = @alt_names

[v3_req]
subjectAltName = @alt_names

[alt_names]
IP.1 = 10.0.10.2

Clé privée :

# Clé privée : KEY
# Certificate Signing Request : CSR (utilisé pour le CRT)
openssl req -nodes -newkey rsa:2048 -keyout certifssl.key -out certifssl.csr

Clé publique :

# Certificat publique : CRT
openssl x509 -req -in certifssl.csr -signkey certifssl.key -out certifssl.crt -days 999

Using keytool

keytool -genkey -alias myAlias 
              -keystore myStore.p12
              -storepass myPassword
              -storetype PKCS12
              -dname cn=mytest,dc=domain,dc=com
              -keyalg RSA 
              -validity 730 -keysize 2048
              -ext SAN=IP:10.0.0.1,DNS:mytest.domain.com

Thu Mar 16 14:56:26 2017 * · permalien

http://www.isicca.info/certificat-ssl-generer-son-certificat/

Filtres

Liens par page

20 50 100