How to Generate SSH/SSL Public and Private Keys
By: Kevin | December 6, 2016
ssh-keygen -t rsa -b 2048 -f keyName
Tap enter twice to skip the passphrase, or enter one if you like.
This will output
SSL with self-signed Certificate Authority (CA)
- Create CA key without passphrase
openssl genrsa -out rootCA.key 2048add
-des3if you want a passphrase
- Self sign the CA,
openssl req -x509 -new -nodes -key rootCA.key -sha256 -days 1024 -out rootCA.pem. Now you have a self signed SSL named
Use the CA just created to sign other SSL certificates.
- Create a private key,
openssl genrsa -out device.key 2048
- Create a certificate signing request (CSR),
openssl req -new -key device.key -out device.csr. Its important to note when answering the prompts,
Common Name (eg, YOUR name) :must match the host name of the web server you are using.
- Sign the CSR with your CA.
openssl x509 -req -in device.csr -CA rootCA.pem -CAkey rootCA.key -CAcreateserial -out device.crt -days 500 -sha256.