Managing Certificate is always interesting topic when we need to secure device communication. Having valid certificates is always good option but sometimes not justify for personal / testing purpose.
Here i have ubuntu 22.04 running on Raspberry Pi 4 with 4GB RAM and technically can be applied to other platform.
Let’s follow following steps:
- generate random certificate
openssl req -x509 -new -nodes -keyout mgr-ca.key -out mgr-ca.crt
then key in other necessary info until completed
You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]:ID State or Province Name (full name) [Some-State]:BT Locality Name (eg, city) []:TG
It will generate CA certificate and Private Key
ubuntu@manager:~/cert/ldap$ ls mgr-ca.crt mgr-ca.key
- install CA Certificate Package
sudo apt-get install -y ca-certificates
- copy the certificate to local CA certificate directory
sudo cp mgr-ca.crt /usr/local/share/ca-certificates
- add certificate to trust store
sudo update-ca-certificates
- verify the certificate in pem format
ubuntu@manager:~/cert/ldap$ sudo ls /etc/ssl/certs/ | grep mgr mgr-ca.pem