日韩av黄I国产麻豆传媒I国产91av视频在线观看I日韩一区二区三区在线看I美女国产在线I麻豆视频国产在线观看I成人黄色短片

歡迎訪問 生活随笔!

生活随笔

當前位置: 首頁 >

使用openssl生成ssl(https)证书

發布時間:2025/3/20 37 豆豆
生活随笔 收集整理的這篇文章主要介紹了 使用openssl生成ssl(https)证书 小編覺得挺不錯的,現在分享給大家,幫大家做個參考.

openssl生成證書

[nginx@machina key]$ pwd
/app/nginx/key

  • 生成私鑰
    openssl genrsa -out server.key 2048
  • 生成證書請求
    openssl req -new -key server.key -out server.csr
  • 填入信息 [nginx@machina key]$ openssl req -new -key server.key -out server.csr You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [XX]:cn State or Province Name (full name) []:gd Locality Name (eg, city) [Default City]:gz Organization Name (eg, company) [Default Company Ltd]:ai Organizational Unit Name (eg, section) []:ai Common Name (eg, your name or your server's hostname) []:112.96.28.206 Email Address []:

    • Please enter the following 'extra' attributes
    to be sent with your certificate request
    A challenge password []:
    An optional company name []:
    [nginx@machina key]$
    [nginx@machina key]$ ls
    old server.csr server.key

    4. 備份一份服務器密鑰文件 cp server.key server.key.org 5. 去除文件口令 openssl rsa -in server.key.org -out server.key 6. 生成證書文件server.crt openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

    [nginx@machina key]$ openssl rsa -in server.key.org -out server.key
    writing RSA key
    [nginx@machina key]$
    [nginx@machina key]$ openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
    Signature ok
    subject=/C=cn/ST=gd/L=gz/O=ai/OU=ai/CN=112.96.28.206
    Getting Private key

    一般只需三步: 1. openssl genrsa -out server.key 2048 2. openssl req -new -key server.key -out server.csr 3. openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt關于密碼: openssl genrsa -out server.key 2048不需要密碼。 openssl genrsa -des3 -out server.key 2048需要密碼。 https://www.jianshu.com/p/9523d888cf77關于域名: 用openssl,域名可以不輸; 用keystore,必須輸入。

    轉載于:https://blog.51cto.com/170023/2154883

    總結

    以上是生活随笔為你收集整理的使用openssl生成ssl(https)证书的全部內容,希望文章能夠幫你解決所遇到的問題。

    如果覺得生活随笔網站內容還不錯,歡迎將生活随笔推薦給好友。