OpenSSL PKI Tutorial v2.0

Create and operate Public Key Infrastructures with OpenSSL.


This tutorial shows how to implement real-world PKIs with the OpenSSL toolkit.

In the first part of the tutorial we introduce the necessary terms and concepts. The second part consists of examples, where we build increasingly more sophisticated PKIs using nothing but the openssl utility. The tutorial puts a special focus on configuration files, which are key to taming the openssl command line. The tutorial uses:

  • One configuration file per CA, and

  • One configuration file per CSR type.

Please study the configuration files included in the examples; that is where most of the treasure is buried.

PKI Concepts

An X.509 PKI is a security architecture that uses well-established cryptographic mechanisms to support use-cases like email protection and web server authentication. In this regard it is similar to other systems based on public-key cryptography, for example OpenPGP [RFC 4880]. In the realm of X.509 however, and thanks to its roots in a globe-spanning scheme devised by the telecom industry [X.400], these mechanisms come with a fair amount of administrative overhead.

One thing to keep in mind is that X.509 is not an application, but a specification upon which applications like Secure Multipurpose Internet Mail Extensions (S/MIME) and Transport Layer Security (TLS) are based. The building blocks are very generic and derive most of their meaning from the relations that exist, or are established, between them. It’s called an infrastructure for a reason.


  1. A requestor generates a CSR and submits it to the CA.

  2. The CA issues a certificate based on the CSR and returns it to the requestor.

  3. Should the certificate at some point be revoked, the CA adds it to its CRL.
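
The three steps above, run end to end with the openssl utility, as an added example that is not part of the tutorial. It follows the tutorial's convention of one configuration file per CA and one per CSR type, but the directory layout, section names, DN values and the host name www.example.test are assumptions made for this demo. The function returns 0 only if issuance verifies against the root and CRL-aware verification fails after revocation.

```shell
#!/bin/sh
# Added example, not part of the tutorial: one config file for the CA, one for
# the CSR type, and the three lifecycle steps (CSR -> certificate -> CRL).
# File layout, section names and DN values are assumptions for this demo.
set -eu

# Build a throw-away PKI under directory $1; return 0 only if every step checks out.
pki_lifecycle() {
    dir=$1
    mkdir -p "$dir/ca/db" "$dir/ca/private" "$dir/certs"
    chmod 700 "$dir/ca/private"
    : > "$dir/ca/db/index"            # CA database: one line per issued certificate
    echo 01 > "$dir/ca/db/serial"     # next certificate serial number
    echo 01 > "$dir/ca/db/crlnumber"  # next CRL number

    # CA configuration: used by 'openssl req' (self-signed root) and 'openssl ca'.
    # $dir is expanded by the shell here; \$dir is left for OpenSSL to expand.
    cat > "$dir/root-ca.conf" <<EOF
[ default ]
dir                    = $dir
[ ca ]
default_ca             = root_ca
[ root_ca ]
certificate            = \$dir/ca/root-ca.crt
private_key            = \$dir/ca/private/root-ca.key
new_certs_dir          = \$dir/certs
database               = \$dir/ca/db/index
serial                 = \$dir/ca/db/serial
crlnumber              = \$dir/ca/db/crlnumber
default_days           = 365
default_crl_days       = 30
default_md             = sha256
policy                 = match_pol
unique_subject         = no
copy_extensions        = copy
[ match_pol ]
organizationName       = match
commonName             = supplied
[ req ]
prompt                 = no
distinguished_name     = ca_dn
x509_extensions        = ca_ext
[ ca_dn ]
O                      = Example Org
CN                     = Example Root CA
[ ca_ext ]
basicConstraints       = critical,CA:true
keyUsage               = critical,keyCertSign,cRLSign
subjectKeyIdentifier   = hash
[ server_ext ]
basicConstraints       = CA:false
keyUsage               = critical,digitalSignature,keyEncipherment
extendedKeyUsage       = serverAuth
authorityKeyIdentifier = keyid:always
EOF

    # CSR configuration for one certificate type (TLS server).
    cat > "$dir/tls-server.conf" <<EOF
[ req ]
prompt                 = no
distinguished_name     = server_dn
req_extensions         = server_reqext
[ server_dn ]
O                      = Example Org
CN                     = www.example.test
[ server_reqext ]
subjectAltName         = DNS:www.example.test
EOF

    # Root CA: key plus self-signed certificate (the trust anchor).
    openssl req -new -x509 -config "$dir/root-ca.conf" -newkey rsa:2048 -nodes \
        -keyout "$dir/ca/private/root-ca.key" -out "$dir/ca/root-ca.crt" -days 3650 || return 1

    # Step 1: the requestor generates a key and a CSR.
    openssl req -new -config "$dir/tls-server.conf" -newkey rsa:2048 -nodes \
        -keyout "$dir/certs/server.key" -out "$dir/certs/server.csr" || return 1

    # Step 2: the CA issues the certificate; copy_extensions carries the SAN over.
    openssl ca -batch -config "$dir/root-ca.conf" -extensions server_ext -notext \
        -in "$dir/certs/server.csr" -out "$dir/certs/server.crt" || return 1
    openssl verify -CAfile "$dir/ca/root-ca.crt" "$dir/certs/server.crt" >/dev/null || return 1
    openssl x509 -in "$dir/certs/server.crt" -noout -ext subjectAltName \
        | grep -q 'DNS:www.example.test' || return 1

    # Step 3: the CA revokes the certificate and publishes a fresh CRL.
    openssl ca -batch -config "$dir/root-ca.conf" -revoke "$dir/certs/server.crt" \
        -crl_reason keyCompromise || return 1
    openssl ca -batch -config "$dir/root-ca.conf" -gencrl -out "$dir/ca/root-ca.crl" || return 1

    # The database now marks the entry as R(evoked), and CRL-aware verification must fail.
    grep -q '^R' "$dir/ca/db/index" || return 1
    if openssl verify -crl_check -CAfile "$dir/ca/root-ca.crt" \
            -CRLfile "$dir/ca/root-ca.crl" "$dir/certs/server.crt" >/dev/null 2>&1; then
        return 1
    fi
    return 0
}

# Usage: run the lifecycle in a temporary directory when openssl is installed.
if command -v openssl >/dev/null 2>&1; then
    pki_lifecycle "$(mktemp -d)" || { echo "lifecycle FAILED" >&2; exit 1; }
    echo "lifecycle OK"
fi
```

Two details are worth noticing. The policy section (match_pol) is what makes the CA refuse a CSR whose organizationName differs from its own, and copy_extensions = copy is what lets the subjectAltName travel from the CSR into the certificate; without it the issued certificate would carry only the extensions named in server_ext. Every command chains a `|| return 1` rather than trusting `set -e`, because errexit is ignored inside a function that is called as part of an `&&` or `||` list.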


Public Key Infrastructure (PKI)

Security architecture where trust is conveyed through the signature of a trusted CA.

Certificate Authority (CA)

Entity issuing certificates and CRLs.

Registration Authority (RA)

Entity handling PKI enrolment. May be identical with the CA.


Certificate

Public key and ID bound by a CA signature.

Certificate Signing Request (CSR)

Request for certification. Contains public key and ID to be certified.

Certificate Revocation List (CRL)

List of revoked certificates. Issued by a CA at regular intervals.

Certification Practice Statement (CPS)

Document describing structure and processes of a CA.

CA Types

Root CA

CA at the root of a PKI hierarchy. Issues only CA certificates.

Intermediate CA

CA below the root CA but not a signing CA. Issues only CA certificates.

Signing CA

CA at the bottom of a PKI hierarchy. Issues only user certificates.

Certificate Types

CA Certificate

Certificate of a CA. Used to sign certificates and CRLs.

Root Certificate

Self-signed CA certificate at the root of a PKI hierarchy. Serves as the PKI’s trust anchor.

Cross Certificate

CA certificate issued by a CA external to the primary PKI hierarchy. Used to connect two PKIs and thus usually comes in pairs. [1]

User Certificate

End-entity certificate issued for one or more purposes: email-protection, server-auth, client-auth, code-signing, etc. A user certificate cannot sign other certificates.


File Formats

Privacy Enhanced Mail (PEM)

Text format. Base-64 encoded data with header and footer lines. Preferred format in OpenSSL and most software based on it (e.g. Apache mod_ssl, stunnel).

Distinguished Encoding Rules (DER)

Binary format. Preferred format in Windows environments. Also the official format for Internet download of certificates and CRLs.
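
Converting between the two encodings, and telling them apart on disk, as an added example that is not from the tutorial. The self-signed test certificate and its subject values are constructed for the demo; the file names are assumptions. The round-trip check relies on the fact that openssl computes the fingerprint over the DER bytes, so it must agree no matter which encoding the file uses.

```shell
#!/bin/sh
# Added example, not part of the tutorial: tell PEM from DER by inspecting the
# file, convert between the two with 'openssl x509', and confirm that both
# encodings describe the same certificate. Subject values are made up.
set -eu

# Print PEM or DER for a certificate file. PEM begins with a text header line,
# DER begins with the ASN.1 SEQUENCE tag (byte 0x30). Returns 1 for anything else.
cert_format() {
    if head -c 11 "$1" | grep -q '^-----BEGIN'; then
        echo PEM
    elif [ "$(od -An -tx1 -N1 "$1" | tr -d ' \n')" = "30" ]; then
        echo DER
    else
        echo UNKNOWN
        return 1
    fi
}

# Create a throw-away self-signed certificate as constructed test input.
make_test_cert() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/O=Example Org/CN=format-demo" \
        -keyout "$1.key" -out "$1.crt" 2>/dev/null
}

# Convert $1 (PEM) to $2 (DER) and back to $3 (PEM). Return 0 only if all three
# files carry the same certificate, judged by the SHA-256 fingerprint, which
# OpenSSL computes over the DER bytes regardless of the on-disk encoding.
pem_der_roundtrip() {
    openssl x509 -in "$1" -inform PEM -outform DER -out "$2" || return 1
    openssl x509 -in "$2" -inform DER -outform PEM -out "$3" || return 1
    fp_pem=$(openssl x509 -in "$1" -inform PEM -noout -fingerprint -sha256) || return 1
    fp_der=$(openssl x509 -in "$2" -inform DER -noout -fingerprint -sha256) || return 1
    fp_back=$(openssl x509 -in "$3" -inform PEM -noout -fingerprint -sha256) || return 1
    [ "$fp_pem" = "$fp_der" ] && [ "$fp_der" = "$fp_back" ]
}

# Usage: build a test certificate, convert it, and read the subject back from DER,
# the encoding RFC 2585 specifies for downloading certificates and CRLs.
if command -v openssl >/dev/null 2>&1; then
    work=$(mktemp -d)
    make_test_cert "$work/demo"
    pem_der_roundtrip "$work/demo.crt" "$work/demo.der" "$work/demo-back.crt" \
        || { echo "round trip FAILED" >&2; exit 1; }
    echo "$(cert_format "$work/demo.crt") -> $(cert_format "$work/demo.der") round trip OK"
    openssl x509 -in "$work/demo.der" -inform DER -noout -subject
fi
```

Note that openssl does not autodetect the encoding of an input file in every subcommand, so scripts that accept certificates from outside (a Windows export, a download) are more robust if they decide the -inform value from the file contents, as cert_format does, instead of trusting the extension.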


The examples are meant to be done in order, each providing the basis for the ones that follow. They are relatively light on prose; we prefer to let the configuration files and command lines speak for themselves.

You will find a reference section at the bottom of each page, with links to relevant parts of the OpenSSL documentation. Please use these links for details on command line options and configuration file settings.

We recommend at least OpenSSL 3.0.5. Check with:

openssl version


The examples are designed to be simple, consistent, complete, and reproducible. They are not meant to showcase the latest trends in PKI design nor do they explore every last feature of OpenSSL. Rather, they can serve as templates for you to modify and extend when creating your own PKIs.

Simple PKI

In this example we create the simplest possible PKI: One root CA and one signing CA. We use the PKI to issue email-protection and TLS-server certificates.

Advanced PKI

In this example we create a larger setup, consisting of a root CA and three signing CAs. We use the PKI to issue email-protection, TLS-server, TLS-client, and code-signing certificates. We encounter two new certificate extensions: authorityInfoAccess and crlDistributionPoints.

Expert PKI

In this example we create a 3-tier CA hierarchy: One root CA, one intermediate CA, and two signing CAs. We use the PKI to issue identity & encryption certificates to end-users, as well as TLS-server, TLS-client, time-stamping, and OCSP-signing certificates to network components. We introduce the subjectInfoAccess and certificatePolicies extensions. We also show how to work with OCSP responders.


MIME Types

This section takes a closer look at the MIME types and file extensions used.

CA Database

This section examines the format of the CA database.

X.509 v3 Extensions

This section describes the certificate extensions used in the tutorial examples.


RFC 5280

Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile

RFC 2585

Internet X.509 Public Key Infrastructure Operational Protocols: FTP and HTTP

RFC 8550

Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 4.0 Certificate Handling

RFC 6125

Representation and Verification of Domain-Based Application Service Identity within Internet Public Key Infrastructure Using X.509 (PKIX) Certificates in the Context of Transport Layer Security (TLS)

Baseline Requirements [pdf]

CA/Browser Forum Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates

X.509 Recommendation [pdf]

ITU-T X.509 Public-Key and Attribute Certificate Frameworks Recommendation