Create & sign SSL/TLS certificates with openssl

preview_player
Показать описание
In this video, we will learn how to generate a SSL/TLS certificate signing request (CSR) and have it signed by a Certificate Authority (CA). For the purpose of this tutorial, we won’t submit the CSR to a real CA. Instead, we will play both roles: the certificate authority and the certificate applicant.

We will use openssl to do following things:
1. Generate a private key and self-signed certificate of the Certificate Authority (CA).
2. Generate a private key and certificate signing request (CSR) for our web server.
3. Use the CA's private key to sign our web server's CSR and get back the signed certificate.
4. Verify if a certificate is valid or not.

---

Credit:
- Desktop wallpaper is a photo by Scott Taylor on Unsplash:
  1. TECH SCHOOL
  2. tls certificate
  3. ssl certificate
  4. sign tls certificate
  5. sign ssl certificate
  6. create tls certificate
Рекомендации по теме
Create & sign 0:13:23

Create & sign SSL/TLS certificates with openssl

How to create 0:25:01

How to create a valid self signed SSL Certificate?

What are SSL/TLS 0:14:36

What are SSL/TLS Certificates? Why do we Need them? and How do they Work?

Certificates from Scratch 0:21:50

Certificates from Scratch - X.509 Certificates explained

IIS - How 0:02:05

IIS - How to Create Self Signed SSL Certificate for HTTPS

SSL, TLS, HTTPS 0:05:54

SSL, TLS, HTTPS Explained

HTTPS, SSL, TLS 0:43:29

HTTPS, SSL, TLS & Certificate Authority Explained

Quick and Easy 0:12:08

Quick and Easy Local SSL Certificates for Your Homelab!

TLS Certificate Creation 0:03:53

TLS Certificate Creation Made Easy: uncovering mkcert!

How to create 0:14:47

How to create self signed SSL certificate using OpenSSL

Certificates and Certificate 0:16:23

Certificates and Certificate Authority Explained

Installing a Basic 0:10:14

Installing a Basic SSL/TLS Certificate in nginx

Create Your Own 0:05:34

Create Your Own SSL Certificate Authority (on Linux)

How to create 0:11:52

How to create self signed SSL certificate using OpenSSL

How does HTTPS 0:11:02

How does HTTPS work? What's a CA? What's a self-signed Certificate?

How to create 0:14:35

How to create a CA-signed SSL certificate

Key Players of 0:05:40

Key Players of SSL & TLS: Client, Server, Certificate Authority (CA) - Practical TLS

How to get 0:05:05

How to get HTTPS working in localhost (Self Signed localhost SSL Certificates)

Create Your Own 0:07:09

Create Your Own SSL Certificate Authority (Windows)

How Hackers Create 0:03:13

How Hackers Create Dummy self-signed SSL Certificate For Websites

Create self-signed certificates 0:04:51

Create self-signed certificates with RouterOS

Complete Guide to 0:04:06

Complete Guide to AWS Certificate Manager: Set up SSL/TLS Certificates in Minutes | Whizlabs

How HTTPS Works, 0:15:13

How HTTPS Works, Certification Authority, Self signed certificate,SSL and TLS in detail

Go lang Back 0:06:33

Go lang Back End : Generating a Self Signed TLS certificates ( Security Improvements)

Комментарии
Автор

Man, I even took a 3 hour Pluralsight course on this. But none were as good as yours. You're just incredibly awesome.

aniket-kulkarni
Автор

This is simply excellent and exactly what I have been looking for weeks in the past.
Thanks bud.

sudeepagrawal
Автор

Beauty.... Thank you so much.. I was trying to setup self signed certs in my controlled environemt and i was always confused about all this. You made it very simple... Awesome

R
Автор

Thank you for the tutorial.
I really enjoyed watching both videos(this & SSL/TLS overview).

NamitKewat
Автор

Your tutorial was so helpful, especially for the Subject Alternative Name Section in the Certificates. Thanks a ton, you rock!!

VisualMemoryBlue
Автор

WOW...!!! To actually see some of these commands used, and how they is priceless... Thank you...!!!
Don't stop now... Hope you'll make more videos explaining some of the options for various commands..

davesradiorepairs
Автор

Thank you very much, you saved me ton of time understanding openssl to create self signed certificate.

sushillakra
Автор

I wish every tech video on Youtube is like this.

vs-cwwc
Автор

badass job! one of the best SSL videos I've ever watched!

roberto_camp
Автор

Great video and explanation. Is there a way to change the notBefore date? I want to rotate certs and need to create certs that have start dates in the future and not at the time of creation, so just wondering if there's a way to change the startdate or notBefore date, thanks.

christianthomas
Автор

Amazing tutorial, thank you very much!

gedeonandrasmusic
Автор

Thank you so much
That was exactly what I was looking for !!!

shmulick
Автор

Man that last video was very good! I couldnt understand everything but its a piece of good kowledge!

tonykososki
Автор

This is brilliant work! Thank you so much for this. :)

rahulchitta
Автор

man, that was a wonderful explanation. good job

electrotsmishar
Автор

Excellent! tried on linux and Chrome / Firefox recognize the ca-cert-pem without any issues, but it didn't work on Windows (Chrome /internet explorer). is there any conversion need to be done?

iamgentwo
Автор

Hey bro. Help me with this question: With tls you can still read the email and secret (maybe password) sent from the client to the server in the network tab so what exactly is being encrypted?

baloguntobi
Автор

I followed your video to generate the files for using haproxy with SSL. I got all the files exactly as you did and I ran openssl verify -CAfile ca-cert.pem server-cert.pem which says server-cert.pem: OK. In order to make haproxy with SSL to work, I need to have only one .pem file which contains the private key, the certificate and the chain values. Can you tell me what content of those files generated need to be used by order of importance in order to create the latest .pem file for haproxy ? Thank you

samanthaletourneau
Автор

Você foi simplesmente fantástico! Muito obrigado.

eduardodasilvaramos
Автор

thanks, good session on steps of ssl cert generation

kiransowpati