apt-get -y install golang-cfssl
# ca-config.json
{
"signing": {
"default": {
"expiry": "87600h"
},
"profiles": {
"www": {
"expiry": "87600h",
"usages": [
"signing",
"key encipherment",
"server auth"
]
}
}
}
}
# ca-csr.json
{
"CN": "My Own CA",
"key": {
"algo": "rsa",
"size": 2048
},
"names": [
{
"C": "CN",
"L": "Beijing",
"ST": "Beijing"
}
]
}
cfssl gencert -initca ca-csr.json | cfssljson -bare ca
# example-csr.json
{
"CN": "your-domain.com",
"hosts": [
"your-domain.com",
"www.your-domain.com"
],
"key": {
"algo": "rsa",
"size": 2048
},
"names": [
{
"C": "CN",
"L": "Beijing",
"ST": "Beijing"
}
]
}
cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=www example.com-csr.json | cfssljson -bare example.com
openssl x509 -in hub.0ll1.com.pem -text -noout
