API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Dec 10th, 2016
81
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 1.04 KB | None | 0 0
raw download clone embed print report
  1. # Gerar Chave Privada com Password (-des3) 4096 Bits
  2. openssl genrsa -des3 -out rootCA.key 4096
  3.  
  4.  
  5. # Gerar CA
  6. openssl req -x509 -new -nodes -key rootCA.key -sha256 -days 730 -out rootCA.pem
  7.  
  8.  
  9. # Gerar Chave Privada para Dispositivo
  10. openssl genrsa -des3 -out device.key 4096
  11.  
  12.  
  13. # Gerar CSR
  14. openssl req -new -key device.key -out device.csr
  15.  
  16.  
  17. # Gerar CRT
  18. openssl x509 -req -in device.csr -CA rootCA.pem -CAkey rootCA.key -CAcreateserial -out device.crt -days 730 -sha256
  19.  
  20.  
  21. # Exportar para P12
  22. openssl pkcs12 -export -out device.p12 -inkey device.key -in device.crt -certfile rootCA.pem
  23.  
  24.  
  25. # Exportar para P12 sem RC2 (Compativel com o Munin) [Adicionar -descert]
  26. openssl pkcs12 -export -out device.p12 -inkey device.key -in device.crt -certfile rootCA.pem -descert
  27.  
  28.  
  29. # Ler P12
  30. openssl pkcs12 -info -in device.pfx
  31.  
  32.  
  33. # Ler CSR
  34. openssl req -text -noout -verify -in domain.csr
  35.  
  36.  
  37. # Ler CRT
  38. openssl x509 -text -noout -in domain.crt
  39.  
  40.  
  41. # Verificar se o Certificado foi assinado pela CA
  42. openssl verify -verbose -CAfile ca.pem domain.crt
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!