mkdir temp
cfssl gencert -initca -loglevel 0 ca-csr.json | cfssljson -bare temp/root-ca

cfssl serve -address=0.0.0.0 -port=8888 -config=ca-config.json -ca=temp/root-ca.pem -ca-key=temp/root-ca-key.pem

cfssl gencert -config=client-conf.json -remote=127.0.0.1 -profile=client client-req.json | cfssljson --bare temp/test123

openssl rsa -modulus -noout -in temp/test123-key.pem | openssl md5
openssl x509 -modulus -noout -in temp/test123.pem | openssl md5

openssl verify -CAfile temp/root-ca.pem temp/test123.pem

 openssl req -in temp/test123.csr -noout -text