Generate A SAML Key And Certificate Pair
The openssl
utility can be used to generate a SAML (Security Assertion Markup Language) key pair which consists of a public certificate and a private key.
The req command primarily creates and processes certificate requests in PKCS#10 format. It can additionally create self-signed certificates, for use as root CAs, for example.
The flags to req
are as follows:
-new
for a new certificate (cert) request-x509
to output a self-signed cert instead of a cert request-days 365
for a year-long cert-nodes
to not encrypt the private key-sha256
is the digest algorithm for signing the cert-out saml.crt
specifies the certificate output file-keyout saml.key
specifies the private key output file
See man openssl
and search for openssl req
for more details.
Last updated