Stream of Ry

SSL Commands

I’ve done this 3 times now, so I should be writing this down.

Creating a CSR #

openssl req -new -newkey rsa:2048 -nodes -keyout  -out

Creating a .pfx file from .crt files #

openssl pkcs12 -export -out -inkey ../ -in mobileapp_deped_gov_ph.crt -certfile DigiCertCA.crt -certfile TrustedRoot.crt

Completing the chain #

So, it turns out I only needed DigiCertCA above, instead of including the root, as this breaks the intermediate chain certs. I think the last -certfile overrides the earlier call instead of chaining all the files.