Reputation: 31
How can we create TLS v1.2 certificates using open SSL
We need to support 2 way SSL in our project . For this, we need to create the TLS v1.2 certificates. I am not sure how to mention the TLS version (i.e 1.2) while creating the certificate.
Upvotes: 2
Views: 11839
Answers (2)
Reputation: 92
Certificates are based on x509 standard which has certificate version(Currently v3). Like Steffen explained above independent from SSL/TLS versions.
Upvotes: 0
Reputation: 123531
The certificate is independent from the TLS version. The TLS version (and ciphers) are relevant for the SSL handshake which includes the exchange of the certificate(s). The validation of the certificates is outside the SSL handshake and is thus independent from TLS version and ciphers but depends only on the certificate itself. There is a small dependency that with TLS 1.2 the acceptable signature algorithms can be send, but as long as the certificate is signed with SHA-256 (current state of the art) you are safe.
Upvotes: 5
Related Questions
- How do you make an ssl certificate with tls 1.3?
- Open SSL generate x509 self signed certificate with Friendly Name
- unable to make tls1.2 connection via CLI
- How to do TLS 1.3 PSK using openssl?
- openssl create certificate and key
- Configure Apache TLSv 1.2
- Generating a self signed certificate using TLSv1.2 or 1.1
- how to use TLSv1.2 in java
- About TLS 1.2 support in openssl
- How to generate SSL certificate using openSSL?