[TYPE THE COMPANY NAME]

Bahir Dar University

Bahir Dar Institute Of Technology (BiT)

[Type the abstract of the document here. The abstract is typically a short summary of the contents of
the document. Type the abstract of the document here. The abstract is typically a short summary of the
contents of the document.]
Quiz 5: Digital Certificates
Create two certification authorities CA1 and CA2. CA1 is the root certification
authority, and CA2 is certified by CA1. Create a certificate request and sign it
by CA2

1. CA1 is the root Certificate authority that is available at the top of intermediate
Certificate authorities. Now we are going to produce root Certificate authority.
Generate the root certificate authority (CA1) private key which is 1024 bit size
Openssl> genrsa -out root.key 1024

2. Create request for certification:

openssl> req –new x509 -days 365 –key root.key –out root.crt
Now we are going to fill requested certificate authority information’s fields (Distinguished
Name or DN) of the root certificate authority. Some fields may be optional.
3. Create private key of 1024 bit size, the same action is done here, as the root
certificate for CA2
Openssl> genrsa -out ca2.key 1024

4. Now we are going to fill requested certificate authority information’s fields

(Distinguished Name or DN) for CA2
openssl> req –new –key ca2.key –out ca2.crt
5. CA2 should request for the root, i.e. CA1 to be validated by the CA1