概述
2019独角兽企业重金招聘Python工程师标准>>> 
一切都依靠openssl命令。
[root@svnsubv ssl]# openssl genrsa -des3 -out server.key 2048
Generating RSA private key, 2048 bit long modulus
...............................................+++
.....+++
e is 65537 (0x10001)
Enter pass phrase for server.key:
Verifying - Enter pass phrase for server.key:
[root@svnsubv ssl]# ll
total 4
-rw------- 1 root root 1743 Mar 10 11:59 server.key
这里需要输入一个密码,这个密码在后面会用到,在启动httpd服务时也要用到[root@svnsubv ssl]# openssl req -new -key server.key -out server.csr
Enter pass phrase for server.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [GB]:CN
State or Province Name (full name) [Berkshire]:Beijing
Locality Name (eg, city) [Newbury]:Beijing
Organization Name (eg, company) [My Company Ltd]:Lenovo
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:bugzilla.lenovo.com
Email Address []:zhaoxp2_bug@lenovo.com
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
[root@svnsubv ssl]# ll
total 8
-rw------- 1 root root 1050 Mar 10 12:03 server.csr
-rw------- 1 root root 1743 Mar 10 11:59 server.key[root@svnsubv ssl]# openssl x509 -req -days 3650 -in server.csr -signkey server.key -out server.crt
Signature ok
subject=/C=CN/ST=Beijing/L=Beijing/O=Lenovo/CN=bugzilla.lenovo.com/emailAddress=zhaoxp2_bug@lenovo.com
Getting Private key
Enter pass phrase for server.key:
[root@svnsubv ssl]# ll
total 12
-rw------- 1 root root 1289 Mar 10 12:05 server.crt
-rw------- 1 root root 1050 Mar 10 12:03 server.csr
-rw------- 1 root root 1743 Mar 10 11:59 server.key在Apache端配置:
<VirtualHost _default_:443>
DocumentRoot "/opt/bugzilla-4.4.11"
ServerName bugzillatst.lenovo.com:443
SSLEngine on
SSLCertificateFile /etc/opt/CollabNet_Subversion/conf/server.crt
SSLCertificateKeyFile /etc/opt/CollabNet_Subversion/conf/server.key
SSLCertificateChainFile /etc/opt/CollabNet_Subversion/conf/ca.crt
</VirtualHost>重启httpd服务。
转载于:https://my.oschina.net/shawnplaying/blog/634735
最后
以上就是悲凉金毛为你收集整理的OpenSSL自制SSL证书的全部内容,希望文章能够帮你解决OpenSSL自制SSL证书所遇到的程序开发问题。
如果觉得靠谱客网站的内容还不错,欢迎将靠谱客网站推荐给程序员好友。
本图文内容来源于网友提供,作为学习参考使用,或来自网络收集整理,版权属于原作者所有。
发表评论 取消回复