... | ... | @@ -34,6 +34,48 @@ Generating key store and certificate |
|
|
> 3. If you use Windows, you should [install OpenSSL for Windows](http://slproweb.com/products/Win32OpenSSL.html)
|
|
|
> 3. If you use Windows, you may install a `git-bash` (like the one embedded within [SourceTree](https://www.sourcetreeapp.com/))
|
|
|
|
|
|
First, you need to create your RSA 2048 key-pair with the following command:
|
|
|
|
|
|
```
|
|
|
openssl req -nodes -newkey rsa:2048 -keyout request.key -out request.csr
|
|
|
```
|
|
|
|
|
|
You will be prompted with some questions, which you need to supply the answers. You may want to configure the `openssl req` with predefined data. To do so, create a `config` file like the template below:
|
|
|
|
|
|
```
|
|
|
[ req ]
|
|
|
distinguished_name = req_distinguished_name
|
|
|
prompt = no
|
|
|
[ req_distinguished_name ]
|
|
|
emailAddress = john@webmail.com
|
|
|
commonName = John Doe
|
|
|
countryName = BR
|
|
|
stateOrProvinceName = Rio de Janeiro
|
|
|
localityName = Rio de Janeiro
|
|
|
organizationName = John’s Company
|
|
|
```
|
|
|
Then pass it to the `openssl req` command like the follow:
|
|
|
|
|
|
|
|
|
```
|
|
|
openssl req -config config -nodes -newkey rsa:2048 -keyout request.key -out request.csr
|
|
|
```
|
|
|
|
|
|
This will generate a new public-private key-pair:
|
|
|
|
|
|
- `request.key` is the private key
|
|
|
- `request.csr` is the public key
|
|
|
|
|
|
Never, **EVER**, share your private key `request.key` in a non-secure media. If you must transfer it from your trusted computer to anothe, do it safely. Some suggestions are:
|
|
|
|
|
|
1. use `scp` to copy this file over `ssh` encryption to your other trusted computer;
|
|
|
1. zip it with a password, forward the file with a pen-drive or in a email, and tell the destinatary the password through another media;
|
|
|
1. upload it with `https` to a trusted server of your own.
|
|
|
|
|
|
If somehow you have shared your private key `request.key` in a unsecure way, please, **BURN IT WITH FIRE BEFORE IT LAYS EGGS OF SECURITY BREACHNESS**. You are warned. You should take your security seriously. Pretty pretty seriously.
|
|
|
|
|
|
Your public key is meant to be shared with the wind. There is no worry about this as long as [$`P \neq NP`$](https://en.wikipedia.org/wiki/P_versus_NP_problem).
|
|
|
|
|
|
**WIP**
|
|
|
|
|
|
iOS deployments
|
... | ... | |