Scripts for generating a self signed CA and self signed X509 certificates signed by the CA. Generates HTTPS server certificate for TLS/SSL communication. Generates PEM, PKCS12 and JKS files for multi purposes such as Java servers. Intended for testing purposes.
#Quick start
- First run ./generate-ca.sh to create a root CA
- Then run generate-server-certs-from-ca.sh with the server's common name as argument, example ./generate-server-certs-from-ca.sh test.mytrustedsite.org
#Serial numbers
All certificates generated and signed by the CA are issued a serial number based on the serial number counter stored in serialno.dat. The serialno.dat will be created if it doesn't exist. If you remove the serialno.dat the counter will restart and you might get serial number collisions.
#Trust store
The ca-truststore.jks can be used for trusting all certificates generated from the ROOT CA
#More info
More about creating self signed certificates with your own self-signed CA: http://web.archive.org/web/20120509214649/http://www.tc.umn.edu/~brams006/selfsign.html