
I wanted to create my own self-signed certificate for a project.

For that I have followed this tutorial.

So, according to that, I have generated my own certificate authority with openssl with this command:

```bash
openssl req -x509 \
        -sha256 -days 356 \
        -nodes \
        -newkey rsa:2048 \
        -subj "/CN=demo.mlopshub.com/C=US/L=San Fransisco" \
        -keyout rootCA.key -out rootCA.crt
```

Then, to create my self-signed certificate, I created a key with this command:

```bash
openssl genrsa -out server.key 2048
```

Then I created a signing request configuration file:

```bash
# The closing EOF must start in column 1, otherwise the shell never ends the here-document.
cat > csr.conf <<EOF
[ req ]
default_bits = 2048
prompt = no
default_md = sha256
req_extensions = req_ext
distinguished_name = dn

[ dn ]
C = US
ST = California
L = San Fransisco
O = MLopsHub
OU = MlopsHub Dev
CN = demo.mlopshub.com

[ req_ext ]
subjectAltName = @alt_names

[ alt_names ]
DNS.1 = demo.mlopshub.com
DNS.2 = www.demo.mlopshub.com
IP.1 = 192.168.1.5
IP.2 = 192.168.1.6
EOF
```

Then I created a Certificate Signing Request (CSR) with the key:

```bash
openssl req -new -key server.key -out server.csr -config csr.conf
```

Then I created an external file:

```bash
# The closing EOF must start in column 1, otherwise the shell never ends the here-document.
cat > cert.conf <<EOF
authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
subjectAltName = @alt_names

[alt_names]
DNS.1 = demo.mlopshub.com
EOF
```

Then I generated the SSL certificate with the self-signed CA:

```bash
openssl x509 -req \
    -in server.csr \
    -CA rootCA.crt -CAkey rootCA.key \
    -CAcreateserial -out server.crt \
    -days 365 \
    -sha256 -extfile cert.conf
```

What I am thinking is: what should I put in O and OU in my csr.conf? And what is CN? And why should I put two DNS and two IPs?

  • This is not programming or development and now off-topic, but see https://stackoverflow.com/questions/6464129/certificate-subject-x-509 from a decade ago when it was on. In fact any extensions in the file used for `req -new` (your `csr.conf`) are ignored by `openssl x509 -req -CA*` (there are numerous Qs/As about this) and you might as well omit them; you _should_ put in the file used for `x509 -req` (your `cert.conf`) all DNS names and/or IPs you wish to use in requests IF you are using HTTPS which you didn't say. PS it's letter O not 0 (zero). – dave_thompson_085 Oct 22 '22 at 08:17
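
The comment's point about which file decides the certificate's SANs can be checked directly. The script below is an added example, not code from the question or its tutorial: it signs a CSR that requests four SANs using a `cert.conf` that lists one, then prints both. The CA name `Example Demo Root CA`, the file names and the function names are constructed, and `authorityKeyIdentifier`/`keyUsage` are left out of `cert.conf` to keep it short.

```shell
#!/bin/sh
# Added example: which SANs end up in the issued certificate?
# Constructed inputs: CA name "Example Demo Root CA", all file and function names.

# Throwaway root CA plus server key in directory $1.
make_ca_and_key() {
  printf '[req]\nprompt=no\ndistinguished_name=dn\nx509_extensions=v3\n[dn]\nCN=Example Demo Root CA\n[v3]\nbasicConstraints=critical,CA:TRUE\n' > "$1/ca.conf"
  openssl req -x509 -sha256 -days 365 -nodes -newkey rsa:2048 -config "$1/ca.conf" \
    -keyout "$1/rootCA.key" -out "$1/rootCA.crt" 2>/dev/null &&
  openssl genrsa -out "$1/server.key" 2048 2>/dev/null
}

# CSR that requests two DNS names and two IPs, like the question's csr.conf.
make_csr() {
  cat > "$1/csr.conf" <<EOF
[ req ]
prompt = no
default_md = sha256
req_extensions = req_ext
distinguished_name = dn
[ dn ]
O = MLopsHub
CN = demo.mlopshub.com
[ req_ext ]
subjectAltName = DNS:demo.mlopshub.com, DNS:www.demo.mlopshub.com, IP:192.168.1.5, IP:192.168.1.6
EOF
  openssl req -new -key "$1/server.key" -out "$1/server.csr" -config "$1/csr.conf"
}

# Sign the CSR as the question does; $2 is the subjectAltName value written to cert.conf.
sign_with_san() {
  printf 'basicConstraints=CA:FALSE\nsubjectAltName=%s\n' "$2" > "$1/cert.conf"
  openssl x509 -req -in "$1/server.csr" -CA "$1/rootCA.crt" -CAkey "$1/rootCA.key" \
    -CAcreateserial -out "$1/server.crt" -days 365 -sha256 \
    -extfile "$1/cert.conf" 2>/dev/null
}

# Print the SAN value line from `-text` output on stdin (empty if there is none).
san_line() {
  awk '/Subject Alternative Name/ { getline; gsub(/^ +| +$/, ""); print }'
}
csr_sans()  { openssl req  -in "$1/server.csr" -noout -text | san_line; }
cert_sans() { openssl x509 -in "$1/server.crt" -noout -text | san_line; }

# Run the comparison in a temporary directory and clean up afterwards.
demo() {
  d=$(mktemp -d) || return 1
  make_ca_and_key "$d" && make_csr "$d" && sign_with_san "$d" "DNS:demo.mlopshub.com" &&
    printf 'CSR requested: %s\ncert contains: %s\n' "$(csr_sans "$d")" "$(cert_sans "$d")"
  rm -rf "$d"
}
```

Source the file and run `demo`; the certificate line shows only the name given in `cert.conf`, so a client connecting by `www.demo.mlopshub.com` or by IP would fail name verification.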

0 Answers