CAcert, OpenSSL, Apache, SMTP, IMAP et al.

Just my own quick notes for SSL cert generation for use wit CAcert. Mostly just because too many instructions on the web run over many pages with thousands of words, … :-(

Generating the private key:

openssl genrsa -out key.key 2048

Generating the Certificate Signing Request, CSR:

openssl req -new -key key.key -subj / -out key.csr

The CSR is now provided to your signing authority, from which you get the resulting certificate, which you save to something like key.crt.

Some software require the key and the cert to resist in a single file, you can simple cat them together:

cat key.{key,crt} > key.pem

Leave a Reply

You must be logged in to post a comment.