Here’s a good question… especially when you don’t have any fucking idea on how to do this !
So, I make a search and just found this website who explain lots of thing about it: https://jamielinux.com/docs/openssl-certificate-authority/
Here’s my feedback…
First, I must say that it’s obviously well written and it was a pleasure to read it. Good explainations, everything is clear, simply detailled…
My goal isn’t to make a simple certification chain.
I had to generate files for root, intermediate and user certificates files and to use them into a « CFT » tool.
So, here we go: you’ll just have to follow the instructions and adapt it to your needs. Then, you’ll get the whole chain files. Take it, use it.
SSL certification isn’t my cup of tea, I must confess. But this is the kind of documentation who will help me a lot !
Don’t hesitate if you’re not familiar with openssl commands… One more time: well written, detailed… Good stuff ! I recommend.