Skip to content

spectrachrome/homeCA

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit

README.md

README.md

 
 

Repository files navigation

Homelab Certificate Authority

Creating a new domain certificate

First, create a private key for the domain:

$ openssl genrsa -out example.home.key 2048

Then we create the Certificate Signing Request (CSR):

openssl req -new -key example.home.key -out example.home.csr

Finally, create an X509 V3 certificate extension config file which is used to define the Subject Alternative Name (SAN) for the certificate.

authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
subjectAltName = @alt_names

[alt_names]
DNS.1 = example.home

To complete the generation, the final command generates the certificate.

openssl x509 -req -in example.home.csr -CA jetsonCA.pem -CAkey jetsonCA.key \
-CAcreateserial -out example.home.crt -days 825 -sha256 -extfile example.home.ext

Reference: https://deliciousbrains.com/ssl-certificate-authority-for-local-https-development/#becoming-certificate-authority

About

Build a certificate authority which issues X.509 SSL certificates for use in home networks

Topics

ssl home-automation ssl-certificate certificate-authority homelab

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published