[14:07 ] ~/user > CA.pl -newca
CA certificate filename (or enter to create)

Making CA certificate ...
Using configuration from /var/ssl/openssl.cnf
Generating a 1024 bit RSA private key
.......................................................................++++++
..............................++++++
writing new private key to './demoCA/private/cakey.pem'
Enter PEM pass phrase:
Verifying password - Enter PEM pass phrase:
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:MyState
Locality Name (eg, city) []:City
Organization Name (eg, company) [Internet Widgits Pty Ltd]:My Organization
Organizational Unit Name (eg, section) []:
Common Name (eg, YOUR name) []:lovethedomain.com
Email Address []:user@lovethedomain.com
[14:08 ] ~/user > openssl x509 -in demoCA/cacert.pem -days 1024 -out cacert.pem
-signkey demoCA/private/cakey.pem
Getting Private key
Enter PEM pass phrase:
[14:09 ] ~/user > cp cacert.pem demoCA/cacert.pem
[14:09 ] ~/user > CA.pl -newreq
Using configuration from /var/ssl/openssl.cnf
Generating a 1024 bit RSA private key
......................++++++
.......................................................................++++++
writing new private key to 'newreq.pem'
Enter PEM pass phrase:
Verifying password - Enter PEM pass phrase:
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:MyState
Locality Name (eg, city) []:City
Organization Name (eg, company) [Internet Widgits Pty Ltd]:My Organization
Organizational Unit Name (eg, section) []:
Common Name (eg, YOUR name) []:lovethedomain.com
Email Address []:user@lovethedomain.com

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
Request (and private key) is in newreq.pem
[14:09 ] ~/user > CA.pl -signreq
Using configuration from /var/ssl/openssl.cnf
Enter PEM pass phrase:
Check that the request matches the signature
Signature ok
The Subjects Distinguished Name is as follows
countryName           :PRINTABLE:'US'
stateOrProvinceName   :PRINTABLE:'MyState'
localityName          :PRINTABLE:'City'
organizationName      :PRINTABLE:'My Organization'
commonName            :PRINTABLE:'lovethedomain.com'
emailAddress          :IA5STRING:'user@lovethedomain.com'
Certificate is to be certified until Jun 30 19:09:59 2004 GMT (365 days)
Sign the certificate? [y/n]:y


1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated
Signed certificate is in newcert.pem
[14:10 ] ~/user > openssl pkcs12 -export -in newcert.pem -inkey newreq.pem
-certfile demoCA/cacert.pem -name "user" -out user.p12
Enter PEM pass phrase:
Enter Export Password:
Verifying password - Enter Export Password: