I’ve been using self-signed certificates for a while – but – that means getting the users to approve them each time they change. Instead – lets generate a Certificate Authority (CA) certificate with a reasonably long life – get them to install that and then new certificates signed with that will be valid for them.
We will install a CA area on /etc/ssl/ca and then create a certificate signed with this.
“Using a self-generated Certificate Authority for OpenSSL”Continue reading