OpenSSL - Create DSA public certificate
by
Jeremy Canfield |
Updated: May 25 2024
| OpenSSL articles
This assumes that you have already installed OpenSSL on your system.
Private key
This assumes you've already created a private key, such as example.com.key. If not, refer to our article on creating a private key.
Certificate
Create an DSA certificate.
openssl req -x509 -newkey dsa:dsaparam.pem -out /etc/pki/tls/certs/certificate.crt
There will be a series of prompts.
| Area | Example | Description |
|---|---|---|
| Password | myPassword | Password |
| Country Name | US | United States |
| State/Province | FL | Florida |
| Locality Name | Miami | City |
| Organization Name | Example, Inc. | Company name |
| Organization Unit Name | Example, Inc. | Company name |
| Common Name | www.example.com | Domain name |
| Email Address | admin@example.com | Admin email |
Ensure only root can read the private key file.
~]# chmod 400 /etc/pki/tls/private/private.key
View the content of the private.key file and ensure BEGIN DSA PARAMETERS is displayed.
~]# cat /etc/pki/tls/private/private.key
-----BEGIN ENCRYPTED PRIVATE KEY-----
View the content of the certificate.crt file and ensure BEGIN CERTIFCATE is displayed.
~]# cat /etc/pki/tls/certs/certificate.crt
-----BEGIN CERTIFICATE-----
Did you find this article helpful?
If so, consider buying me a coffee over at 