openssl scripts

by Anthony Tonns

Have you LOOKED at the prices for buying an SSL certificate from VeriSign or some of the other bozos? It's gotten totally ridiculous and WAY out of hand. So, I've setup my own CA (Certificate Authority) using OpenSSL to create certificates for whatever, whevener I need.

This is the raw syntax. Explanations come later.

One time only - create CA certificate
# cd ssl.scripts
# ./ ../ssl.key/ca.key
# ./ ../ssl.key/ca.key ../ssl.csr/ca.csr
# vi signCAcsr.cnf     #you probbably want to change this config stuff
# ./ ../ssl.key/ca.key ../ssl.csr/ca.csr ../ssl.crt/ca.crt
# ./ ../ssl.key/ca.key
Every other time - generate server SSL certificate
# cd ssl.scripts
# ./ ../ssl.key/foo.key
# ./ ../ssl.key/foo.key ../ssl.csr/foo.csr
# vi signcsr.cnf     		#you probbably want to change this config stuff the first time
# echo "01" > signcsr.serial	#once again, only the first time!
# ./ ../ssl.csr/foo.csr ../ssl.crt/foo.crt
# ./ ../ssl.key/foo.key





Here is the GPL, which is the license for these scripts Homepage