From reSIProcate
Jump to navigation Jump to search

in the sip/cert directory you can find makeCA and makeCert

first run makeCA This will make a CA and a file called root_cert_fluffyCA.pem

This is the root certificate for the CA - it good for testing but it is not secure.

then to make a TLS certificate for a domain example.com run

  makeCert example.com 

this will make a files called domain_cert_example.com.pem domain_key_example.com.pem example.com.csr

The domain_key file is the private key

The domain_cert file is a cert signed with the example CA you just made. It is good for testing but is not secure in any way.

The .csr file is a certificate signing request and you can use it to get a certificate from a real CA

to make a S/MIME certificate for fluffy@example.com run

  makeCert fluffy@example.com

This will make the files user_cert_fluffy@example.com.pem user_key_fluffy@example.com.pem

All of these files can be copied into the ~/.sipCerts directory