Generating X509 Version 2 certificate

Varun Rapelly varunrapelly at
Fri Jul 10 12:16:44 UTC 2020


I would like to create a self signed certificate with X509 version 2.

I know that we need to configure "Issuer and subject unique identifiers"
for X509 v2 format certificate, but not able to find the configuration
required (in openssl.conf) to enable it.

Please let me know how to enable the above mentioned
extensions for creating X509v2 format certificate?

Following below steps to create the certificate:
    mkdir newcerts
    touch index.txt
    echo '01' > serial
    cp ~/TLS_Cert/X509v2/ca.key .
    cp ~/TLS_Cert/X509v2/ca.crt .
    cp ~/TLS_Cert/X509v2/ca.cnf .
     read answer
    openssl ca -config ca.cnf -out -infiles request.csr

Attached ca.cnf file.

Thanks in advance.
Varun Rapelly
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ca.cnf
Type: application/octet-stream
Size: 2676 bytes
Desc: not available
URL: <>

More information about the openssl-users mailing list