API tools faq
paste
Guest User

Untitled

a guest
Jan 23rd, 2019
89
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.01 KB | None | 0 0
raw download clone embed print report
  1. --- CREATE SELF-SIGNED ECDSA CERTIFICATE WITH PRIVATE KEY INSIDE ----
  2.  
  3. 1. Open openssl.exe.
  4.  
  5. 2. If you haven't chosen a curve, you can list them with this command:
  6.  
  7. ecparam -list_curves
  8.  
  9. I picked sect571r1 for this example. Use this to generate an EC private key if you don't have one already:
  10.  
  11. ECDSA 384 - brainpoolP384r1
  12. ECDSA 512 - sect571r1
  13.  
  14. 3. Create private-key.pem
  15.  
  16. ecparam -name brainpoolP512r1 -genkey -param_enc explicit -out private-key.pem
  17. ecparam -genkey -name secp521r1 -noout -out private-key.pem
  18.  
  19. 3. Create certificate in certificate.pem.
  20.  
  21. req -new -x509 -key private-key.pem -out certificate.pem -days 900000 -subj "/C=PL/ST=Silesia/L=Katowice/O=MyOrganization/CN=CommonName"
  22.  
  23. 4. You can inspect the files in the console:
  24.  
  25. ecparam -in private-key.pem -text -noout
  26. x509 -in certificate.pem -text -noout
  27.  
  28. 5. Combine private key and certificate into a new certificate-private.pem file. Open up command line, move to the folder where your files exist.
  29.  
  30. cat private-key.pem certificate.pem > certificate-private.pem
  31.  
  32. 6. Create p12 / p7b / pfx certificate from certificate-private.pem.
  33.  
  34. pkcs12 -export -inkey private-key.pem -in certificate-private.pem -out certificate-private.pfx
  35. pkcs12 -export -inkey private-key.pem -in certificate-private.pem -out certificate-private.p12
  36. pkcs12 -export -inkey private-key.pem -in certificate-private.pem -out certificate-private.p7b
  37.  
  38. The pfx file's icon should be an opened letter with yellow key.
  39.  
  40. --- IMPORT THE CERTIFICATE TO YOUR MACHINE (for Windows)----
  41.  
  42. 7. Click "Start" and open mmc Microsoft Management Console as Administrator.
  43. 8. Choose File -> Add/remove snap-in.
  44. 9. Choose "Certificates" and "Add", Choose "Local machine".
  45. 10. Open "Personal" or "Trusted Root..." and choose "Certificates".
  46. 11. Right-click "Certificates" -> "All tasks" -> "Import" and choose the file.
  47. 12. The certificate should come up in the list and the icon should have a key.
  48. Double click to show details. In "General" tab you should see "You have a private key that corresponds to this certificate".
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!