鏂板缓

涓婁紶

棣栭〉

鍔╂墜

鏈€杩?/div>

璧勬枡搴?/div>

宸ュ叿

Linux

涓嬪埄鐢?/p>

openssl

鐢熸垚

SSL

璇佷功姝ラ

1

銆佹蹇?/p>

棣栧厛瑕佹湁涓€涓?/p>

CA

鏍硅瘉涔︼紝鐒跺悗鐢?/p>

CA

鏍硅瘉涔︽潵绛惧彂鐢ㄦ埛璇佷功銆?/p>

鐢ㄦ埛杩涜璇佷功鐢宠锛氫竴鑸厛鐢熸垚涓€涓閽ワ紝鐒跺悗鐢ㄧ閽ョ敓鎴愯瘉涔﹁姹?/p>

(

璇佷功璇锋眰閲屽簲鍚湁鍏?/p>

閽ヤ俊鎭?/p>

)

锛屽啀鍒╃敤璇佷功鏈嶅姟鍣ㄧ殑

CA

鏍硅瘉涔︽潵绛惧彂璇佷功銆?/p>

2

銆佸悗缂€璇﹁В

.key

鏍煎紡锛氱鏈夌殑瀵嗛挜

.csr

鏍煎紡锛?/p>

璇佷功绛惧悕璇锋眰

锛堣瘉涔﹁姹傛枃浠讹級

锛?/p>

鍚湁鍏挜淇℃伅锛?/p>

certificate

signing

request

鐨勭缉鍐?/p>

.crt

鏍煎紡锛氳瘉涔︽枃浠讹紝

certificate

鐨勭缉鍐?/p>

.crl

鏍煎紡锛氳瘉涔﹀悐閿€鍒楄〃锛?/p>

Certificate Revocation List

鐨勭缉鍐?/p>

.pem

鏍煎紡锛氱敤浜庡鍑猴紝瀵煎叆璇佷功鏃跺€欑殑璇佷功鐨勬牸寮忥紝鏈夎瘉涔﹀紑澶达紝缁撳熬鐨勬牸寮?/p>

3

銆佹坊鍔?/p>

index.txt

鍜?/p>

serial

鏂囦欢

cd /etc/pki/CA/

touch /etc/pki/CA/index.txt

touch /etc/pki/CA/serial

echo 01 > /etc/pki/CA/serial

4

銆?/p>

CA

鏍硅瘉涔︾殑鐢熸垚

4.1

鐢熸垚

CA

绉侀挜锛?/p>

.key

锛?/p>

openssl genrsa -out ca.key 2048

[root@CA]# openssl genrsa -out ca.key 2048

Generating RSA private key, 2048 bit long modulus

.............+++

.....+++

e is 65537 (0x10001)

4.2

鐢熸垚

CA

璇佷功璇锋眰锛?/p>

.csr

锛?/p>

openssl req -new -key ca.key -out ca.csr

[root@CA]# openssl req -new -key ca.key -out ca.csr

You are about to be asked to enter information that will be incorporated

into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank

For some fields there will be a default value,

南京廖华答案网

鏂板缓

涓婁紶

棣栭〉

鍔╂墜

鏈€杩?/div>

璧勬枡搴?/div>

宸ュ叿

Linux

涓嬪埄鐢?/p>

openssl

鐢熸垚

SSL

璇佷功姝ラ

1

銆佹蹇?/p>

棣栧厛瑕佹湁涓€涓?/p>

CA

鏍硅瘉涔︼紝鐒跺悗鐢?/p>

CA

鏍硅瘉涔︽潵绛惧彂鐢ㄦ埛璇佷功銆?/p>

鐢ㄦ埛杩涜璇佷功鐢宠锛氫竴鑸厛鐢熸垚涓€涓閽ワ紝鐒跺悗鐢ㄧ閽ョ敓鎴愯瘉涔﹁姹?/p>

(

璇佷功璇锋眰閲屽簲鍚湁鍏?/p>

閽ヤ俊鎭?/p>

)

锛屽啀鍒╃敤璇佷功鏈嶅姟鍣ㄧ殑

CA

鏍硅瘉涔︽潵绛惧彂璇佷功銆?/p>

2

銆佸悗缂€璇﹁В

.key

鏍煎紡锛氱鏈夌殑瀵嗛挜

.csr

鏍煎紡锛?/p>

璇佷功绛惧悕璇锋眰

锛堣瘉涔﹁姹傛枃浠讹級

锛?/p>

鍚湁鍏挜淇℃伅锛?/p>

certificate

signing

request

鐨勭缉鍐?/p>

.crt

鏍煎紡锛氳瘉涔︽枃浠讹紝

certificate

鐨勭缉鍐?/p>

.crl

鏍煎紡锛氳瘉涔﹀悐閿€鍒楄〃锛?/p>

Certificate Revocation List

鐨勭缉鍐?/p>

.pem

鏍煎紡锛氱敤浜庡鍑猴紝瀵煎叆璇佷功鏃跺€欑殑璇佷功鐨勬牸寮忥紝鏈夎瘉涔﹀紑澶达紝缁撳熬鐨勬牸寮?/p>

3

銆佹坊鍔?/p>

index.txt

鍜?/p>

serial

鏂囦欢

cd /etc/pki/CA/

touch /etc/pki/CA/index.txt

touch /etc/pki/CA/serial

echo 01 > /etc/pki/CA/serial

4

銆?/p>

CA

鏍硅瘉涔︾殑鐢熸垚

4.1

鐢熸垚

CA

绉侀挜锛?/p>

.key

锛?/p>

openssl genrsa -out ca.key 2048

[root@CA]# openssl genrsa -out ca.key 2048

Generating RSA private key, 2048 bit long modulus

.............+++

.....+++

e is 65537 (0x10001)

4.2

鐢熸垚

CA

璇佷功璇锋眰锛?/p>

.csr

锛?/p>

openssl req -new -key ca.key -out ca.csr

[root@CA]# openssl req -new -key ca.key -out ca.csr

You are about to be asked to enter information that will be incorporated

into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank

For some fields there will be a default value,

">

鏂板缓

涓婁紶

棣栭〉

鍔╂墜

鏈€杩?/div>

璧勬枡搴?/div>

宸ュ叿

Linux

涓嬪埄鐢?/p>

openssl

鐢熸垚

SSL

璇佷功姝ラ

1

銆佹蹇?/p>

棣栧厛瑕佹湁涓€涓?/p>

CA

鏍硅瘉涔︼紝鐒跺悗鐢?/p>

CA

鏍硅瘉涔︽潵绛惧彂鐢ㄦ埛璇佷功銆?/p>

鐢ㄦ埛杩涜璇佷功鐢宠锛氫竴鑸厛鐢熸垚涓€涓閽ワ紝鐒跺悗鐢ㄧ閽ョ敓鎴愯瘉涔﹁姹?/p>

(

璇佷功璇锋眰閲屽簲鍚湁鍏?/p>

閽ヤ俊鎭?/p>

)

锛屽啀鍒╃敤璇佷功鏈嶅姟鍣ㄧ殑

CA

鏍硅瘉涔︽潵绛惧彂璇佷功銆?/p>

2

銆佸悗缂€璇﹁В

.key

鏍煎紡锛氱鏈夌殑瀵嗛挜

.csr

鏍煎紡锛?/p>

璇佷功绛惧悕璇锋眰

锛堣瘉涔﹁姹傛枃浠讹級

锛?/p>

鍚湁鍏挜淇℃伅锛?/p>

certificate

signing

request

鐨勭缉鍐?/p>

.crt

鏍煎紡锛氳瘉涔︽枃浠讹紝

certificate

鐨勭缉鍐?/p>

.crl

鏍煎紡锛氳瘉涔﹀悐閿€鍒楄〃锛?/p>

Certificate Revocation List

鐨勭缉鍐?/p>

.pem

鏍煎紡锛氱敤浜庡鍑猴紝瀵煎叆璇佷功鏃跺€欑殑璇佷功鐨勬牸寮忥紝鏈夎瘉涔﹀紑澶达紝缁撳熬鐨勬牸寮?/p>

3

銆佹坊鍔?/p>

index.txt

鍜?/p>

serial

鏂囦欢

cd /etc/pki/CA/

touch /etc/pki/CA/index.txt

touch /etc/pki/CA/serial

echo 01 > /etc/pki/CA/serial

4

銆?/p>

CA

鏍硅瘉涔︾殑鐢熸垚

4.1

鐢熸垚

CA

绉侀挜锛?/p>

.key

锛?/p>

openssl genrsa -out ca.key 2048

[root@CA]# openssl genrsa -out ca.key 2048

Generating RSA private key, 2048 bit long modulus

.............+++

.....+++

e is 65537 (0x10001)

4.2

鐢熸垚

CA

璇佷功璇锋眰锛?/p>

.csr

锛?/p>

openssl req -new -key ca.key -out ca.csr

[root@CA]# openssl req -new -key ca.key -out ca.csr

You are about to be asked to enter information that will be incorporated

into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank

For some fields there will be a default value,

南京廖华答案网">

南京廖华答案网

Linux涓嬪埄鐢╫penssl 鐢熸垚SSL璇佷功姝ラ - 鐧惧害鏂囧簱

鏂板缓

涓婁紶

棣栭〉

鍔╂墜

鏈€杩?/div>

璧勬枡搴?/div>

宸ュ叿

Linux
涓嬪埄鐢?/p>
openssl
鐢熸垚
SSL
璇佷功姝ラ

1
銆佹蹇?/p>

棣栧厛瑕佹湁涓€涓?/p>
CA
鏍硅瘉涔︼紝鐒跺悗鐢?/p>
CA
鏍硅瘉涔︽潵绛惧彂鐢ㄦ埛璇佷功銆?/p>

鐢ㄦ埛杩涜璇佷功鐢宠锛氫竴鑸厛鐢熸垚涓€涓閽ワ紝鐒跺悗鐢ㄧ閽ョ敓鎴愯瘉涔﹁姹?/p>
(
璇佷功璇锋眰閲屽簲鍚湁鍏?/p>
閽ヤ俊鎭?/p>
)
锛屽啀鍒╃敤璇佷功鏈嶅姟鍣ㄧ殑
CA
鏍硅瘉涔︽潵绛惧彂璇佷功銆?/p>

2
銆佸悗缂€璇﹁В

.key
鏍煎紡锛氱鏈夌殑瀵嗛挜

.csr
鏍煎紡锛?/p>
璇佷功绛惧悕璇锋眰
锛堣瘉涔﹁姹傛枃浠讹級
锛?/p>
鍚湁鍏挜淇℃伅锛?/p>
certificate
signing
request
鐨勭缉鍐?/p>

.crt
鏍煎紡锛氳瘉涔︽枃浠讹紝
certificate
鐨勭缉鍐?/p>

.crl
鏍煎紡锛氳瘉涔﹀悐閿€鍒楄〃锛?/p>
Certificate Revocation List
鐨勭缉鍐?/p>

.pem
鏍煎紡锛氱敤浜庡鍑猴紝瀵煎叆璇佷功鏃跺€欑殑璇佷功鐨勬牸寮忥紝鏈夎瘉涔﹀紑澶达紝缁撳熬鐨勬牸寮?/p>

3
銆佹坊鍔?/p>
index.txt
鍜?/p>
serial
鏂囦欢

cd /etc/pki/CA/

touch /etc/pki/CA/index.txt

touch /etc/pki/CA/serial

echo 01 > /etc/pki/CA/serial

4
銆?/p>
CA
鏍硅瘉涔︾殑鐢熸垚

4.1
鐢熸垚
CA
绉侀挜锛?/p>
.key
锛?/p>

openssl genrsa -out ca.key 2048

[root@CA]# openssl genrsa -out ca.key 2048

Generating RSA private key, 2048 bit long modulus

.............+++

.....+++

e is 65537 (0x10001)

4.2
鐢熸垚
CA
璇佷功璇锋眰锛?/p>
.csr
锛?/p>

openssl req -new -key ca.key -out ca.csr

[root@CA]# openssl req -new -key ca.key -out ca.csr

You are about to be asked to enter information that will be incorporated

into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank

For some fields there will be a default value,

下载完的文件如果后缀不是.doc，修改为.doc即可正常打开阅读。

最近浏览

电脑版 关于南京廖华答案网

联系客服：779662525#qq.com(#替换为@)