OpenSSL keyUsage as CA [closed]

Question

Closed. This question is off-topic. It is not currently accepting answers.

---

Want to improve this question? Update the question so it's on-topic for Stack Overflow.

Closed 8 years ago.

Improve this question

How could I set the keyUsage of new a certificate signed by my CA that will have the same policies?

I tried to generate a certificate by running the command below:

openssl ca \
  -policy policy_anything \
  -cert ca.cer \
  -in cerreq.csr \
  -keyfile ca.key \
  -days 365 \
  -out cer.cer

Is there command parameter that should I include to set the keyUsage for the certificate?

Answer 1

You have to add -extenstions v3_ca This extenstion will add basicConstraints = CA:true, which means that you will be able to sign certificates with this certificate.