openssl

The OpenSSL project is an open-source general purpose cryptography library that implements the SSL and TLS protocols.

Configuration File

The configuration file for OpenSSL is openssl.cnf. The location of which will probably vary across Linux distributions. On Red Hat systems the configuration file is as shown below.

/etc/pki/tls/openssl.cnf

You can use this file to define certain default values. For example, editing the dir variable sets the default directory for saving your certificates. You will need to first create the directory if you change this value.

dir = /certs/ssl/ca

Some additional variables I like to set are as shown below. You might also want to consider entering in this information if you generate a lot of self-signed certificates.

default_days = 3650
default_bits = 2048
countryName_default = US
stateOrProvinceName_default = Washington
localityName_default = Seattle
0.organizationName_default = My Company
commonName_default = example.com
emailAddress_default = root@example.com

By replacing these details with your own, will prevent you from having to enter this information in manually each and every time you create a new CSR (Certificate Signing Request).

More stuff here…

More stuff here…

openssl ....

Resources

OpenSSL: Cryptography and SSL/TLS toolkit
http://www.openssl.org

Wikipedia: OpenSSL
http://en.wikipedia.org/wiki/OpenSSL

Leave a Reply