Saturday, July 10, 2010

RHEL/CentOS SSL certificate generation

I discovered last week that since RHEL/CentOS 3, the recommended way to generate CSRs or self-signed certificates is the 'genkey' command, provided by the crypto-utils. It allows you to graphically choose the key size, and if you simply want to create a self-signed certificate, just answer no when it asks if you want to send the CSR to a certificate authority. It shows at the beginning the destination of the created files, but I'll give you a hint (if my memory is good...):

  • /etc/pki/tls/private for the key
  • /etc/pki/tls/certs for the certs

0 Comments:

Post a Comment

<< Home