calvin.house/docs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fixed certificate verify and bundle commands

Browse Source
This commit is contained in:
Calvin L House, Jr
2025-11-18 03:56:17 +00:00
parent f75cec617c
commit 7214b9d200
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
tls_docs/ca/certificate_signing.md
View File

@@ -51,11 +51,11 @@ The *-CAcreateserial* will create a serial file to track each created certificat
### Verify the certificate and trust chain
```
openssl x509 -noout -text -in certs/server.crt
openssl verify -CAfile certs/ca-bundle.crt certs/server.crt # certs/server.crt
openssl verify -CAfile certs/ca-bundle.crt certs/server.crt
```
The `verify` command should return OK, verifying the trust chain.
### Create the certificate archive bundle and transfer to the server/user if the CSR is is provided, a key will not be bundled, as it will reside with the server or the user. Use the desired transfer method to move the TLS bundle to the desired location
```
tar cvzf bundles/server-or-user.tar.gz certs/server-or-user (private/server-or-user.key added if key was created by the CA).
tar cvzf bundles/server-or-user.tar.gz certs/server-or-user certs/ca-bundle.crt (private/server-or-user.key added if key was created by the CA).
```