Certificate Authority (CA) signed certificates.
What are X.509 Certificates?
Developers normally use private/public key pairs for ssh connections to git repositories and other services.
X.509 certificates are signed by a Certificate Authority and can be revoked by them.
Self-signed certificates
For testing, you can create a self-signed certificate. This is less secure and in many cases won't be valid in your production environment.
$ openssl genrsa 2048 > KEY_NAME.pem
Generating RSA private key, 2048 bit long modulus (2 primes)Then create the certification request (csr).
$ openssl req -new -key KEY_NAME.pem -out csr.pemNow sign the cert yourself. This one is valid for 1 year.
$ openssl x509 -req -days 365 -in csr.pem -signkey KEY_NAME.pem -out KEY_NAME.crtYou can remove the .csr file.
$ rm csr.pem
Level
Topics