ns:/etc/httpd/ssl/peters # openssl req -config /usr/ssl/openssl.cnf -new -out peters-zertifikat.csr
Using configuration from /usr/ssl/openssl.cnf
Generating a 1024 bit RSA private key
..................++++++
.........................++++++
writing new private key to 'privkey.pem'
Enter PEM pass phrase:
Verifying password - Enter PEM pass phrase:
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:DE
State or Province Name (full name) [Some-State]:Nordrhein Westfalen
Locality Name (eg, city) []:Porta Westfalica
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Peters Homeoffice
Organizational Unit Name (eg, section) []:
Common Name (eg, YOUR name) []:ftp.peters-owl.de
Email Address []:ija@peters-owl.de

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

ns:/etc/httpd/ssl/peters # l
total 5
drwxr-xr-x   3 root     root         1024 Aug 30 11:58 ./
drwxr-xr-x   8 root     root         1024 Aug 30 11:22 ../
-rw-r--r--   1 root     root          729 Aug 30 11:58 peters-zertifikat.csr
-rw-r--r--   1 root     root          963 Aug 30 11:58 privkey.pem
ns:/etc/httpd/ssl/peters #
##########################################################################################

ns:/etc/httpd/ssl/peters # openssl rsa -in privkey.pem -out peters-zertifikat.key
read RSA key
Enter PEM pass phrase:
writing RSA key

ns:/etc/httpd/ssl/peters # l
total 6
drwxr-xr-x   3 root     root         1024 Aug 30 12:00 ./
drwxr-xr-x   8 root     root         1024 Aug 30 11:22 ../
-rw-r--r--   1 root     root          729 Aug 30 11:58 peters-zertifikat.csr
-rw-r--r--   1 root     root          887 Aug 30 12:00 peters-zertifikat.key
-rw-r--r--   1 root     root          963 Aug 30 11:58 privkey.pem
ns:/etc/httpd/ssl/peters #
##########################################################################################

ns:/etc/httpd/ssl/peters # openssl x509 -in peters-zertifikat.csr -out peters-zertifikat.crt -req -signkey peters-zertifikat.key -days 365
Signature ok
subject=/C=DE/ST=Nordrhein Westfalen/L=Porta Westfalica/O=Peters Homeoffice/CN=ftp.peters-owl.de/Email=ija@peters-owl.de
Getting Private key

ns:/etc/httpd/ssl/peters # l
total 7
drwxr-xr-x   3 root     root         1024 Aug 30 12:01 ./
drwxr-xr-x   8 root     root         1024 Aug 30 11:22 ../
-rw-r--r--   1 root     root          993 Aug 30 12:01 peters-zertifikat.crt
-rw-r--r--   1 root     root          729 Aug 30 11:58 peters-zertifikat.csr
-rw-r--r--   1 root     root          887 Aug 30 12:00 peters-zertifikat.key
-rw-r--r--   1 root     root          963 Aug 30 11:58 privkey.pem
ns:/etc/httpd/ssl/peters # 

###########################################################################################


ns:/etc/httpd/ssl/peters # openssl x509 -in peters-zertifikat.crt -out peters-zertifikat.der.crt -outform DER
ns:/etc/httpd/ssl/peters # l
total 8
drwxr-xr-x   3 root     root         1024 Aug 30 12:02 ./
drwxr-xr-x   8 root     root         1024 Aug 30 11:22 ../
-rw-r--r--   1 root     root          993 Aug 30 12:01 peters-zertifikat.crt
-rw-r--r--   1 root     root          729 Aug 30 11:58 peters-zertifikat.csr
-rw-r--r--   1 root     root          693 Aug 30 12:02 peters-zertifikat.der.crt
-rw-r--r--   1 root     root          887 Aug 30 12:00 peters-zertifikat.key
-rw-r--r--   1 root     root          963 Aug 30 11:58 privkey.pem
ns:/etc/httpd/ssl/peters # 

#############################################################################################
Prüfsumme des öffentlichen Schlüssels

Auf der Teilnehmer-Erklärung wird nach der Prüfsumme des öffentlichen Schlüssels gefragt, 
der aus dem geheimen Schlüssel MyKey.pem wie folgt generiert wird: 


ns:/etc/httpd/ssl/peters # openssl rsa -pubout -in privkey.pem -out peters-pub.pem        
read RSA key
Enter PEM pass phrase:
writing RSA key


ns:/etc/httpd/ssl/peters # l
total 9
drwxr-xr-x   3 root     root         1024 Aug 30 12:20 ./
drwxr-xr-x   8 root     root         1024 Aug 30 11:22 ../
drwxr-xr-x   2 root     root         1024 Aug 30 11:48 back/
-rw-r--r--   1 root     root          272 Aug 30 12:20 peters-pub.pem
-rw-r--r--   1 root     root          993 Aug 30 12:01 peters-zertifikat.crt
-rw-r--r--   1 root     root          729 Aug 30 11:58 peters-zertifikat.csr
-rw-r--r--   1 root     root          693 Aug 30 12:02 peters-zertifikat.der.crt
-rw-r--r--   1 root     root          887 Aug 30 12:00 peters-zertifikat.key
-rw-r--r--   1 root     root          963 Aug 30 11:58 privkey.pem
ns:/etc/httpd/ssl/peters # 

##############################################################################