# OpenSSL with CA

1. Generate private key for CA.
2. Generate CA certificate with CA private key.
3. Generate private key for the application.
4. Create certificate signing request (CSR) for the application.
5. Sign the CSR with the CA certificate and CA private key.

## Generate private key for CA

```
openssl genrsa -out ca.key 4096
```

## Generate CA certificate

```
openssl req -new -x509 -key ca.key -out ca.crt
```

## Generate app private key

```
openssl genrsa -out app.key 4096
```

## Generate CSR

```
openssl req -new -key app.key -out app.csr
```

## Sign CSR

```
openssl x509 -req -in app.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out app.crt
```