Last active
May 17, 2017 11:46
-
-
Save noname007/b358c44ea247a1db806d40d56fd7965e to your computer and use it in GitHub Desktop.
构建https证书
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 1030 cat /etc/pki/tls/openssl.cnf | |
| # For the CA policy | |
| [ policy_match ] | |
| countryName = match | |
| stateOrProvinceName = optional | |
| organizationName = optional | |
| organizationalUnitName = optional | |
| commonName = supplied | |
| emailAddress = optional | |
| 1024 sudo openssl genrsa -out private/cakey.pem 2048 | |
| 1025 sudo su | |
| 981 openssl req -new -x509 -key private/cakey.pem -out cacert.pem | |
| 985 openssl genrsa -out nginx.key 2048 | |
| 986 openssl req -new -key nginx.key -out nginx.csr | |
| 988 openssl ca -in nginx.csr -out nginx.crt | |
| 991 vi /etc/pki/tls/openssl.cnf | |
| 992 touch index.txt | |
| 996 echo 00 > /etc/pki/CA/serial | |
| 997 openssl ca -in nginx.csr -out nginx.crt | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
http://seanlook.com/2015/01/18/openssl-self-sign-ca/