OpenSSL key creation

(Note openssl creates keys with extention .pem modssl looks for .key i use both here interchangeably)

WWW-SSL Key (Self Signed)

  1. Create private key and certificate request. The -nodes option prevents the use of a passphrase.

    openssl req -new [-nodes] -keyout certname.key -out certname.csr

  2. Create the certificate from the request and the key. The signingkey can be either the key created above, or a different CA key

    openssl x509 -in certname.csr -out certname.crt -req -signkey signingkey.key -days 365

POP3-SSLWrap key (Self Signed)

  1. Create Key

    openssl req -x509 -newkey rsa:1024 -keyout server.pem -out server.pem -nodes -days 365

  2. Create hash for key

    ln -s server.pem `openssl x509 -noout -hash < server.pem`.0

qMail TLS Certificate (Self Signed)

  1. Create Key

    openssl req -new -x509 -nodes -days 366 -out servercert.pem -keyout servercert.pem

Removing PassPhrase from private key

openssl rsa -in signed.key -out unsigned.key

Viewing Certificate Information

openssl x509 -noout -text -in name.crt