Links: Working With OpenSSL

I’m sure I’m not alone in thinking that OpenSSL is a bit of a dark art, what with all the terminology and strange CLI invocations and such. I suppose one may think that documenting this process would be better, but there’s already a lot out there that just needs to be surfaced.

So, here’s a collection of helpful links for working with OpenSSL to create certificates and CSRs, working with private keys, etc. I’ll post additional links here as I find them.

OpenSSL CA: creating a certificate chain with a root and intermediate certificates, and using those to create and server and client certificates. This I found to be extremely useful, although the process may need to be tweaked a little if you’re not too keen with using OpenSSL to manage the certificates and block-lists, etc.

Creating Elliptical Curve Keys using OpenSSL: the above link used RSA keys, which can get quite large. So if you’re interesting in using elliptical curve keys instead, take a look at this one.