diff options
author | Richard Levitte <levitte@openssl.org> | 2003-04-03 22:33:59 +0000 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2003-04-03 22:33:59 +0000 |
commit | 16b1b03543fc6362f9e48f1bd9d4b153ea58c553 (patch) | |
tree | a7d45496f96476ba095e385f7a3502dde1f9b6b7 /doc/HOWTO | |
parent | e6526fbf4dc894d71ae3517a1ba484475b79b402 (diff) |
Implement self-signing in 'openssl ca'. This makes it easier to have
the CA certificate part of the CA database, and combined with
'unique_subject=no', it should make operations like CA certificate
roll-over easier.
Diffstat (limited to 'doc/HOWTO')
-rw-r--r-- | doc/HOWTO/certificates.txt | 11 |
1 files changed, 5 insertions, 6 deletions
diff --git a/doc/HOWTO/certificates.txt b/doc/HOWTO/certificates.txt index d3a62545ad..a8a34c7abc 100644 --- a/doc/HOWTO/certificates.txt +++ b/doc/HOWTO/certificates.txt @@ -66,14 +66,13 @@ Section 5 will tell you more on how to handle the certificate you received. -4. Creating a self-signed certificate +4. Creating a self-signed test certificate If you don't want to deal with another certificate authority, or just -want to create a test certificate for yourself, or are setting up a -certificate authority of your own, you may want to make the requested -certificate a self-signed one. This is similar to creating a -certificate request, but creates a certificate instead of a -certificate request (1095 is 3 years): +want to create a test certificate for yourself. This is similar to +creating a certificate request, but creates a certificate instead of +a certificate request. This is NOT the recommended way to create a +CA certificate, see ca.txt. openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095 |