Last active
March 18, 2016 03:47
-
-
Save kenzo0107/781b81a6916fbb2b8533 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// rootユーザへ切り替え | |
# sudo su - | |
Password:(rootユーザのパスワード入力) | |
// CSR用ディレクトリ作成 | |
# mkdir /etc/httpd/conf/ssl.csr/ | |
// CSR用ディレクトリに移動します。 | |
# cd /etc/httpd/conf/ssl.csr | |
// キーペア(秘密鍵)の作成(2048bit, SHA256の秘密鍵) | |
# openssl genrsa -des3 -out server.key 2048 -sha256 | |
Generating RSA private key, 2048 bit long modulus | |
..........................+++ | |
......................+++ | |
e is 65537 (0x10001) | |
Enter pass phrase:(パスワード入力) | |
Verifying - Enter pass phrase:(パスワード入力) | |
// キーペア(秘密鍵)を元にしたCSRの作成 | |
# openssl req -new -sha256 -key server.key -out server.csr | |
Enter pass phrase for sample.key:(パスワード入力) | |
You are about to be asked to enter information that will be incorporated | |
into your certificate request. | |
What you are about to enter is what is called a Distinguished Name or a DN. | |
There are quite a few fields but you can leave some blank | |
For some fields there will be a default value, | |
If you enter '.', the field will be left blank. | |
----- | |
Country Name (2 letter code) [AU]:JP (←カントリーコード入力) | |
State or Province Name (full name) [Some-State]:Tokyo (←Stateコード 日本の場合、都道府県入力) | |
Locality Name (eg, city) []:Shibuya-ku (←Stateコード 日本の場合、市区郡入力) | |
Organization Name (eg, company) [Internet Widgits Pty Ltd]:xxxxxx ,Ltd. (←会社名) | |
Organizational Unit Name (eg, section) []:marketing (←自由です) | |
Common Name (e.g. server FQDN or YOUR name) []:sample.jp (←今回SSL証明書を導入したいドメイン) | |
Email Address []: (←何も入力しない) | |
Please enter the following 'extra' attributes | |
to be sent with your certificate request | |
A challenge password []: (←何も入力しない) | |
An optional company name []: (←何も入力しない) | |
// csrファイルが生成されていることを確認 | |
# ls -al | |
-rw-r--r-- 1 root root 1045 2月 26 14:31 server.csr | |
-rw-r--r-- 1 root root 1751 2月 26 14:21 server.key | |
// server.key パスワード解除 WebServer再起動毎にパスワードを尋ねられる為 | |
# openssl rsa -in server.key -out server.key | |
// 念のため中身を見てみる | |
# less server.csr | |
-----BEGIN CERTIFICATE REQUEST----- | |
......... | |
-----END CERTIFICATE REQUEST----- | |
// 以上 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment