...
- Certificate request, which it writes it to file req.pem
- Private key, which it writes it to file cakey.pem
Panel |
---|
Html bobswift |
---|
<pre>
ucert -create request -request_file req.pem -private_key_file cakey.pem -country US -state Maryland -locality Baltimore
-organization "Acme, Inc." -common_name "Acme CA"
</pre>
|
|
It is imperative that the private key file
cakey.pem is secured so that no one other than the CA has read access. If unauthorized access is gained to the CA's private key, all certificates issued by the CA no longer can be trusted.
The following Universal Certificate command creates the CA certificate and writes it to file
cacert.pem.
Panel |
---|
Html bobswift |
---|
<pre>
ucert -create cert -request_file req.pem -cert_file cacert.pem -private_key_file cakey.pem -ca yes
</pre>
|
|
The CA certificate,
cacert.pem, must be made available to any system that wants to consider the certificates issued by the CA as valid.
...