Microsoft Certification Authority

Request Subordinate authority certificate

How to create subordinate certificate that can be used for example by Forticlient for SSL inspection.

I prefer to use OpenSSL for this:

Request

openssl req -new -newkey rsa:2048 -keyout fortigate-sub-ca.key -out fortigate-sub-ca.csr

Private key

openssl req -new -newkey rsa:2048 -keyout fortigate-sub-ca.key -out fortigate-sub-ca.csr -nodes

Encrypt private key

openssl rsa -des3 -in fortigate-sub-ca.key -out fortigate-sub-ca-encrypted.key