| Security / Certificates in practice | |
The openssl command line tool creates certificates for the configuration of secured communications.
It requires a configuration file with the default parameters such as the key size or the private key name. OpenSSL is provided with a default configuration file openssl.cnf.
The openssl tool looks for the openssl.cnf file in the directory where it is executed; it stops if the file is not present. To use the openssl tool from any directory, set the OPENSSL_CONF environment variable to specify the location of the configuration file.
For information on how the openssl tool works, refer to the openssl documentation at http://www.openssl.org/docs/apps/openssl.html.