...

[ req ]
prompt             = no
distinguished_name = standard dn

[ standard dn ]
            commonName = somehost
           countryName = DE
          localityName = Berlin
      organizationName = SOS
organizationalUnitName = JS7
   stateOrProvinceName = Berlin

[ standard exts ]
extendedKeyUsage = serverAuth,clientAuth

Resources

Links

• JS7 - How to add SSL TLS Certificates to Keystore and Truststore

Shell Scripts

As an alternative to running OpenSSL commands in an interactive shell a few scripts are provided that perform this task.

...

# Description
# ./create_certificate.sh --dns=<server-hostname>[,<server-hostname>] --days=<number-of-days>

# Example
./create_certificate.sh --dns=apmaccs,apmaccs.sos --days=365

...

• --dns
  • The DNS hostname of the server that should be assigned the certificate. A server can be assigned more than one DNS hostname, for example the FQDN can extend the hostname. Only DNS hostnames that are added to the certificate can be used later on to establish secure HTTPS connections.
• --days
  • The lifetime of the certificate is specified by the number of days.

Links

• JS7 - How to add SSL TLS Certificates to Keystore and Truststore