Create Subordinate CA

Now lets create our subordinate CA that will be used for the actual signing. First, generate the key:
genrsa -out ia.key 4096

 

Then, request a certificate for this subordinate CA:
req -new -key ia.key -out ia.csr

 

Make sure that the Common Name you enter here is different from the Common Name you entered previously for the root CA.

Now lets process the request for the subordinate CA certificate and get it signed by the root CA.

x509 -req -days 730 -in ia.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out ia.crt

 

Certificate  details by double clicking the ia.crt file.

Share on Google Plus

About Mahinda Jayasundara

This is a short description in the author block about the author. You edit it by entering text in the "Biographical Info" field in the user admin panel.