Markvision Enterprise
You can create a self‑signed root CA certificate, or generate a certificate request and then get it signed by the root CA.
Note: Replace the key length, signature algorithm, and certificate name with the appropriate values.
Run the following command:
Replace the subject in the request with your CA information using openssl req -new -key /etc/certs/openxpki_democa/ca-root-1.key -out /etc/certs/openxpki_democa/ca-root-1.csr.
Get the certificate signed by the root CA using openssl req -config /etc/certs/openxpki_democa/openssl.conf -extensions v3_ca_extensions - x509 -days 3560 -in /etc/certs/openxpki_democa/ca-root-1.csr -key /etc/certs/openxpki_democa/ca-root-1.key -out /etc/certs/openxpki_democa/ca-root-1.crt - sha256.
Go to /etc/certs/openxpki_democa/ where ca-root-1.crt is saved.