Certificate Auth Notes

Remove PEM Password

You can use the openssl rsa command to remove the passphrase. As arguments, we pass in the SSL .key and get a .key file as output.

openssl rsa -in fplabs_with_pass.key -out fplabs.key


DDR cert auth notes

SSL forward proxy certificate signing

sudo openssl ca -config paloCAopenssl.cnf -extensions v3_intermediate_ca -days 3750 -notext -md sha256 -in intermediate/csr/ssl-lab20.csr -out intermediate/certs/ssl-lab20.crt

sudo openssl ca -config paloCAopenssl.cnf -extensions v3_intermediate_ca -days 3750 -notext -md sha256 -in intermediate/csr/cert_Palo_SSL_outbound.csr -out intermediate/certs/Palo_SSL_outbound.crt