Printer FriendlyEmail Article Link

Spirent TestCenter: OpenSSL - How to generate the certificates for 802.1x?

Generating the certificates in order to use 802.1x with TLS

The following steps are for Linux, if using Windows, create 'SSL' directory and 'index.txt' file manually

mkdir /home/SSL
cd /home/SSL

touch index.txt
echo '01' > serial
# Copy .cnf files here

# Create a new self-signed CA certificate
openssl req -new -x509 -keyout ca.key -out ca.pem -days 60 -config ca.cnf
openssl x509 -inform PEM -outform DER -in ca.pem -out ca.der

# Create a new server certificate, signed by the above CA.
openssl req -new  -out server.csr -keyout server.key -config server.cnf
openssl ca -batch -keyfile ca.key -cert ca.pem -in server.csr -key spirent -out server.crt -config server.cnf
openssl pkcs12 -export -in server.crt -inkey server.key -out server.p12  -passin pass:spirent -passout pass:spirent
openssl pkcs12 -in server.p12 -out server.pem -passin pass:spirent -passout pass:spirent
openssl verify -CAfile ca.pem server.pem

# Create a new client certificate, signed by the the above CA
openssl req -new  -out client.csr -keyout client.key -config client.cnf
openssl ca -batch -keyfile ca.key -cert ca.pem -in client.csr -key spirent -out client.crt -config client.cnf
openssl pkcs12 -export -in client.crt -inkey client.key -out client.p12  -passin pass:spirent -passout pass:spirent
openssl pkcs12 -in client.p12 -out client.pem -passin pass:spirent -passout pass:spirent
openssl verify -CAfile ca.pem client.pem



Product : 802.1X,Spirent TestCenter,SSL