testsuite/integration-arquillian/servers/auth-server/common/pki/README.md
This directory contains a OpenSSL CA and Intermediate CA that can be used to manage certificates.
Passwords for any key file is password.
In the instructions below, you may usually need to create your own files for private key, CSR request, certificate , p12 and
also possibly custom openssl configuration. For the instructions below, replace the file names according your needs (For example
replace [email protected] with something like [email protected] )
openssl genrsa -aes256 -out certs/clients/test-[email protected] 4096 chmod 400 certs/clients/test-[email protected]
openssl req -config intermediate/openssl.cnf -key certs/clients/test-[email protected] -new -sha256 -out certs/clients/test-[email protected]
If you want to generate a CSR with extensions you can use a command similar to the following:
openssl req -config intermediate/openssl-san.cnf -key certs/clients/test-[email protected] -new -sha256 -out certs/clients/test-[email protected]
openssl ca -config intermediate/openssl.cnf -extensions usr_cert -days 375 -notext -md sha256 -in certs/clients/test-[email protected] -out certs/clients/test-[email protected]
chmod 444 certs/clients/test-[email protected]
openssl x509 -noout -text -in certs/clients/test-[email protected]
openssl verify -CAfile intermediate/certs/ca-chain.cert.pem certs/clients/test-[email protected]
openssl pkcs12 -export -in certs/clients/test-[email protected] -inkey certs/clients/test-[email protected] -out certs/clients/[email protected] -name test-user -CAfile intermediate/certs/ca-chain.cert.pem