slawek/simple-ca
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update README.md

Browse Source
This commit is contained in:
Sławek Koszewski
2026-05-07 15:27:39 +02:00
parent 6bae5b0630
commit b2295ee080
1 changed files with 15 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
README.md
+15
View File
@@ -94,3 +94,18 @@ simple-ca make-ca [--days N] [--issuing-ca PREFIX] [--aia-base-url URL] CA_DIR
simple-ca make-cert [--ca-dir DIR] [--days N] [--issuing-ca PREFIX] CERT_DIR SUBJECT [SAN...] simple-ca make-cert [--ca-dir DIR] [--days N] [--issuing-ca PREFIX] CERT_DIR SUBJECT [SAN...]
simple-ca make-pfx --ca-dir DIR [--issuing-ca PREFIX] --path CERT_PATH [--password PASS] simple-ca make-pfx --ca-dir DIR [--issuing-ca PREFIX] --path CERT_PATH [--password PASS]
``` ```
## Self Signed Ceritifcate
The following command will create a *full-featured* self-signed certificate that can act as CA certificate and be used for client and server authentication:
```bash
openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
-keyout "key.pem" \
-out "cert.pem" \
-subj "/CN=<user name>/O=<user organization>/C=<CC>" \
-addext "basicConstraints=critical,CA:TRUE" \
-addext "keyUsage=critical,digitalSignature,keyEncipherment,keyCertSign,cRLSign" \
-addext "extendedKeyUsage=serverAuth,clientAuth" \
-addext "subjectAltName=DNS:<computer_name>"
```