日韩性视频-久久久蜜桃-www中文字幕-在线中文字幕av-亚洲欧美一区二区三区四区-撸久久-香蕉视频一区-久久无码精品丰满人妻-国产高潮av-激情福利社-日韩av网址大全-国产精品久久999-日本五十路在线-性欧美在线-久久99精品波多结衣一区-男女午夜免费视频-黑人极品ⅴideos精品欧美棵-人人妻人人澡人人爽精品欧美一区-日韩一区在线看-欧美a级在线免费观看

歡迎訪問 生活随笔!

生活随笔

當前位置: 首頁 > 编程资源 > 编程问答 >内容正文

编程问答

使用openssl生成ssl(https)证书

發布時間:2025/3/20 编程问答 26 豆豆
生活随笔 收集整理的這篇文章主要介紹了 使用openssl生成ssl(https)证书 小編覺得挺不錯的,現在分享給大家,幫大家做個參考.

openssl生成證書

[nginx@machina key]$ pwd
/app/nginx/key

  • 生成私鑰
    openssl genrsa -out server.key 2048
  • 生成證書請求
    openssl req -new -key server.key -out server.csr
  • 填入信息 [nginx@machina key]$ openssl req -new -key server.key -out server.csr You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [XX]:cn State or Province Name (full name) []:gd Locality Name (eg, city) [Default City]:gz Organization Name (eg, company) [Default Company Ltd]:ai Organizational Unit Name (eg, section) []:ai Common Name (eg, your name or your server's hostname) []:112.96.28.206 Email Address []:

    • Please enter the following 'extra' attributes
    to be sent with your certificate request
    A challenge password []:
    An optional company name []:
    [nginx@machina key]$
    [nginx@machina key]$ ls
    old server.csr server.key

    4. 備份一份服務器密鑰文件 cp server.key server.key.org 5. 去除文件口令 openssl rsa -in server.key.org -out server.key 6. 生成證書文件server.crt openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

    [nginx@machina key]$ openssl rsa -in server.key.org -out server.key
    writing RSA key
    [nginx@machina key]$
    [nginx@machina key]$ openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
    Signature ok
    subject=/C=cn/ST=gd/L=gz/O=ai/OU=ai/CN=112.96.28.206
    Getting Private key

    一般只需三步: 1. openssl genrsa -out server.key 2048 2. openssl req -new -key server.key -out server.csr 3. openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt關于密碼: openssl genrsa -out server.key 2048不需要密碼。 openssl genrsa -des3 -out server.key 2048需要密碼。 https://www.jianshu.com/p/9523d888cf77關于域名: 用openssl,域名可以不輸; 用keystore,必須輸入。

    轉載于:https://blog.51cto.com/170023/2154883

    總結

    以上是生活随笔為你收集整理的使用openssl生成ssl(https)证书的全部內容,希望文章能夠幫你解決所遇到的問題。

    如果覺得生活随笔網站內容還不錯,歡迎將生活随笔推薦給好友。