
Creating Self Signed SSL Certificates for HTTPS Communication

Self Signed CA:
  1. Create Private Key for Self Signed CA
    openssl ecparam -genkey -name secp256r1 | openssl ec -out ca.key   
  2. Create CA Certificate for Self Signed CA
    openssl req -new -x509 -days 36500 -key ca.key -out ca.pem -subj "/C=IN/ST=Karnataka/L=Bengaluru/O=company name/OU=Prod Operations Department/CN=prodops.domain.com"
  3. Verify the content of CA certificate
    openssl x509 -in ca.pem -noout -text
Client Certificate:
CLIENT_ID="<Client-Product>" e.g. CLIENT_ID="ClientID"
CLIENT_SERIAL="<Client-Release-Number>" e.g. CLIENT_SERIAL="6889"
  1. Create Private Key for Client
    openssl ecparam -genkey -name secp256r1 | openssl ec -out ${CLIENT_ID}_${CLIENT_SERIAL}.key
  2. Generate the Certificate Signing Request (CSR)
    openssl req -new -key ${CLIENT_ID}_${CLIENT_SERIAL}.key -out ${CLIENT_ID}_${CLIENT_SERIAL}.csr -subj "/C=IN/ST=Karnataka/L=Bengaluru/O=Company name/OU=Prod Operations Department/CN=client.domain.com"
  3. Create the Client Certificate (signed by the Self Signed CA)
    openssl x509 -req -days 36500 -in ${CLIENT_ID}_${CLIENT_SERIAL}.csr -CA ca.pem -CAkey ca.key -set_serial ${CLIENT_SERIAL} -out ${CLIENT_ID}_${CLIENT_SERIAL}.pem
  4. Verify the content of Client Certificate
    openssl x509 -in ${CLIENT_ID}_${CLIENT_SERIAL}.pem -noout -text
Server Certificate:
SERVER_ID="<Server-Product>" e.g. SERVER_ID="ServerID"
SERVER_SERIAL="<SERVER-Release-Number>" e.g. SERVER_SERIAL="1081"
  1. Server Private Key Generation
    openssl ecparam -genkey -name secp256r1 | openssl ec -out ${SERVER_ID}_${SERVER_SERIAL}.key
  2. Server CSR Generation
    openssl req -new -sha256 -key ${SERVER_ID}_${SERVER_SERIAL}.key -subj "/C=IN/ST=Karnataka/L=Bengaluru/O=Company name/OU=Prod Operations Department/CN=server.domain.com" -out ${SERVER_ID}_${SERVER_SERIAL}.csr
  3. Create the Server Certificate (signed by the Self Signed CA)
    openssl x509 -req -in ${SERVER_ID}_${SERVER_SERIAL}.csr -CA ca.pem -CAkey ca.key -set_serial ${SERVER_SERIAL} -out ${SERVER_ID}_${SERVER_SERIAL}.pem -days 36500 -sha256
  4. Verify the content of Server Certificate
    openssl x509 -in ${SERVER_ID}_${SERVER_SERIAL}.pem -noout -text
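
The CA and server steps above, run end to end as an added example (not part of the original post). It also supplies a subjectAltName and serverAuth extended key usage through -extfile, because modern browsers and many TLS libraries match the host name against the SAN rather than the CN, and then checks the chain, the key/certificate pairing and the SAN. The file names, demo-ca, the 365-day lifetime and the private ca.cnf are assumptions of this example.

```shell
#!/bin/sh
# Added example: CA and server steps from this page plus SAN/EKU and checks.
# demo-ca, the file names and the extension values are constructed.

# Create a CA and a server certificate in directory $1 for host name $2.
issue_server_cert() (
    cd "$1" || exit 1
    # Private config, so the result does not depend on the system openssl.cnf.
    printf '%s\n' '[req]' 'distinguished_name=dn' 'x509_extensions=v3_ca' \
        '[dn]' '[v3_ca]' 'basicConstraints=critical,CA:TRUE' \
        'keyUsage=critical,keyCertSign,cRLSign' > ca.cnf
    # Leaf extensions: clients match the host name against the SAN.
    printf '%s\n' 'basicConstraints=CA:FALSE' "subjectAltName=DNS:$2" \
        'extendedKeyUsage=serverAuth' > server.ext
    # prime256v1 is OpenSSL's name for the secp256r1 curve used on this page.
    openssl ecparam -genkey -name prime256v1 -noout -out ca.key &&
    openssl req -new -x509 -config ca.cnf -days 365 -key ca.key \
        -subj "/CN=demo-ca" -out ca.pem &&
    openssl ecparam -genkey -name prime256v1 -noout -out server.key &&
    openssl req -new -sha256 -config ca.cnf -key server.key \
        -subj "/CN=$2" -out server.csr &&
    openssl x509 -req -in server.csr -CA ca.pem -CAkey ca.key \
        -set_serial 1081 -extfile server.ext -days 365 -sha256 -out server.pem
)

# Check the files in directory $1 for host name $2.
# Exit status: 0 ok, 1 chain broken, 2 key/cert mismatch, 3 host not in SAN.
check_server_cert() (
    cd "$1" || exit 1
    # 1. The leaf must chain to our CA.
    openssl verify -CAfile ca.pem server.pem >/dev/null 2>&1 ||
        { echo "chain: FAIL"; exit 1; }
    # 2. The certificate must carry the public half of server.key.
    [ "$(openssl x509 -in server.pem -noout -pubkey)" = \
      "$(openssl pkey -in server.key -pubout)" ] ||
        { echo "key mismatch"; exit 2; }
    # 3. The host name must be listed in the subjectAltName extension.
    openssl x509 -in server.pem -noout -text | grep -qF "DNS:$2" ||
        { echo "host not in SAN"; exit 3; }
    echo "ok"
)

work=$(mktemp -d) && issue_server_cert "$work" server.domain.com &&
    check_server_cert "$work" server.domain.com
```
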
Generating pkcs12 certificate for client:
openssl pkcs12 -export -out certificate.pfx -inkey ${CLIENT_ID}_${CLIENT_SERIAL}.key -in ${CLIENT_ID}_${CLIENT_SERIAL}.pem

Command to convert .pem file to .crt file:
openssl x509 -in tnic_client_9000.pem -out tnic_client_9000.crt
