Ubuntu18.04でSSL証明書を作成

概要

OpenSSLを用いて以下の順序で証明証を作成していきます。

1. 秘密鍵(.key)
2. 証明書署名要求(.csr)
3. 認証された証明書(.crt)

コマンド

以下を実行してください

sudo openssl genrsa -aes128 -out hoge.key 2048
sudo openssl rsa -in hoge.key -out hoge.key
sudo openssl req -new -days 3650 -key hoge.key -out hoge.csr
sudo openssl x509 -in hoge.csr -out hoge.crt -req -signkey hoge.key -days 3650

コマンド詳細

$ sudo openssl genrsa -aes128 -out hoge.key 2048
Generating RSA private key, 2048 bit long modulus (2 primes)
.....................................................................+++++
..........+++++
e is 65537 (0x010001)
Enter pass phrase for hoge.key: # 自身で決めたパスワード
Verifying - Enter pass phrase for hoge.key: # パスワード再入力(確認用)

$ sudo openssl rsa -in hoge.key -out hoge.key
Enter pass phrase for hoge.key:
writing RSA key

$ sudo openssl req -new -days 3650 -key hoge.key -out hoge.csr
Country Name (2 letter code) [AU]:JP
State or Province Name (full name) [Some-State]:Yamanashi
Locality Name (eg, city) []:city
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) []:
Email Address []:

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

$ sudo openssl x509 -in hoge.csr -out hoge.crt -req -signkey hoge.key -days 3650
Signature ok
subject=C = JP, ST = Yamanashi, L = city, O = Internet Widgits Pty Ltd
Getting Private key