7.16.3 Create a Certificate Authority

1.  Select Certificate Authority from the Create menu:

2.  Enter the subject name information. The subject name information is also used for the issuer name.

3.  Select the key usage:

4.  Enter the certificate file, private key file, password, serial number and expiry date:

Create Certificate Authority processing steps

1.  Create private and public key (save private key in PKCS#8 format)

2.  Create X500 Name (X509 certificate subject)

3.  Set valid date range

4.  Set serial number

5.  Set basic constraint to CA, unlimited path length and flag critical

6.  Set key usage extension and flag critical

7.  Set subject alternate name extension (email)

8.  Set subject key id extension

9.  Set authority key id extension

10.  Sign and save X509 certificate (This is self-signed, subject and issuer are the same).