Step 1: Create Private Key
genrsa –out C:\cert\private.key 1024
Step 2: Create intermediate self-signed root CA certificate
req –new -x509 –days 1826 –key C:\cert\private.key –out C:\cert\rootCert.crt
Step 3: Create intermediate private key
genrsa –out C:\cert\intermediatekey.key 1024
Step 4: Create intermediate request file
req –new –key C:\cert\intermediatekey.key –out C:\cert\intermediate.csr
Step 5: Create intermediate certificate
x509 -req –days 1826 -in C:\cert\intermediate.csr –CA C:\cert\DSS\rootCert.crt -CAkey C:\cert\private.key –set_serial 01 –out C:\cert\intermediateCert.crt
Step 6: Package all the above file into .pfx file
pkcs12 –export –out C:\cert\DSS2.pfx –inkey C:\cert\DSS\intermediatekey.key –in C:\cert\intermediateCert.crt –chain –CAfile C:\cert\rootCert.crt
Tagged: .crt, .key, .pfx, Openssl, private.key, x509Certificate, X509Certificate; C#; Digital Certificate; Signed Data; SHA1;
Leave a Reply