1. Determine the directory structure
First determine that there is a democa directory, and that the structure is
Democa
- Certs--Empty directory
- CRL--Empty directory
- Newcerts--Empty directory
- Private--Empty directory
- Index.txt--Empty file
- Serial--I don't know what's the use of ... The general content is 00
No, execute the order.
mkdir democamkdir democa\certsmkdir democa\crlmkdir democa\newcertsmkdir democa\privateecho off > demoCA\ Index.txtecho Onecho > Democa\serial
2. Generate CA Certificate
OpenSSL genrsa-out ca.key 4096openssl req-new-x509-key ca.key-out ca.crt
Fill in the country area name mailbox and other content ...
3. Generate unsigned certificates
OpenSSL genrsa-out test.key 4096openssl req-new-key test.key-out TEST.CSR
Once again fill in the country area name mailbox and so on content ...
4. Signature of the
OpenSSL ca-in test.csr-out test.crt-cert ca.crt-keyfile Ca.key
Confirm some information signature completed
Using OpenSSL to generate certificates and self-signed records under Windows