This is an overview of a simple way to create a self signed TLS key pair. Particularly how to create the TLS files and convert the key file to the PKCS8 format.
Here it is:
openssl req \ -x509 \ -nodes \ -days 365 \ -newkey rsa:4096 \ -keyout selfsigned.key.pem \ -out selfsigned-x509.crt \ -subj "/C=US/ST=WA/L=Seattle/CN=example.com/[email protected]"
Output:
openssl pkcs8 \ -topk8 \ -inform PEM \ -outform PEM \ -in selfsigned.key.pem \ -out selfsigned-pkcs8.pem
Ouptut:
Thats it. Just change the parameters in the subject. both of these commands can be chained into a one liner, but it’s easy enough to just run them separately.
Done.
Implementing least privilege is an essential component of a robust security strategy. The principle of least privilege (PoLP) entails providing only the minimum permissions required to perform a task.
Read moreImposter syndrome — the persistent belief that you’re not as competent as others perceive you to be — is something many engineers grapple with.
Read moreIn today’s connected world, one of the most important aspects of digital security is reliable user authentication.
Read moreScript kitties are relentless. Your servers are under constant attack and for me, I find it fun to watch the attack attempts in my logging server with a glass of Malbec at sunset.
Read moreYour infrastructure ONLY as strong as your weakest link. TL;DR – See solution in docker compose
Read moreIf you are a DevOps engineer, systems engineer or SRE, it’s invaluable to have a lab environment that gives you free space to explore, build, break, fix, break, refactor, rebuild… and rebuild any part of the infrastructure you wish to work on.
Read more