Certificate management with OpenSSL

The instructions in these topics use OpenSSL to demonstrate how you can generate key pairs and certificates. You can, however, use another tool of your choice.

OpenSSL is an open-source toolkit that implements the Secure Sockets Layer (SSL v2 and v3) and Transport Layer Security (TLS v1) protocols. It is also a general-purpose cryptographic library.

OpenSSL comes with a command-line tool through which you can perform the following cryptographic operations:

  • Create and manage public/private key pairs
  • Cryptographic operations with public and private keys
  • Create X.509 certificates and PKCS #10 certificate requests

You can download OpenSSL at the following locations:

The procedures in these topics assume that you have installed OpenSSL 0.9.8l or later.