[gnutls-help] Generating multi-layer certificates
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Fri Oct 18 01:27:11 CEST 2013
On 10/16/2013 01:00 PM, Daniel Kahn Gillmor wrote:
> certtool --load-ca-privkey=root-ca.key \
> --load-ca-certificate=root-ca.pem \
> --load-pubkey=intermediate-ca.pubkey \
> > intermediate-ca.pem
>
> You will also be prompted to answer some questions here.
>
> Now you can create the end entity's certificate, using the intermediate
> CA's key:
>
> certtool --load-ca-privkey=intermediate-ca.key \
> --load-ca-certificate=intermediate-ca.pem \
> --load-pubkey=end-entity.pubkey \
> > end-entity.pem
Sigh. The above two commands both are missing the relevant action
argument, which is --generate-certificate. i'm not sure how i missed
that :)
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1027 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20131017/6b21b12b/attachment.sig>
More information about the Gnutls-help
mailing list