安装
openssl
shell
yum install openssl openssl-devel -y任意目录执行
shell
[req]
distinguished_name = req_distinguished_name
req_extensions = v3_req
[req_distinguished_name]
countryName = Country Name
countryName_default = CH
stateOrProvinceName = State or Province Name
stateOrProvinceName_default = GD
localityName = Locality Name
localityName_default = WuHan
organizationalUnitName = Organizational Unit Name
organizationalUnitName_default = organizationalUnitName
commonName = Internet Widgits Ltd
commonName_max = 64
[ v3_req ]
# Extensions to add to a certificate request
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
subjectAltName = @alt_names
[alt_names]
# 改成自己的域名
#DNS.1 = kb.example.com
#DNS.2 = helpdesk.example.org
#DNS.3 = systems.example.net
# 改成自己的ip
IP.1 = xxx.xx.xx.xxx
IP.2 = xxx.xx.xx.xxx生成私钥
shell
openssl genrsa -out server_name.key 2048 # 可使用任意名称测试是否成功(出现签名信息表示成功)
shell
openssl req -text -noout -in server_name.csr创建证书
shell
openssl x509 -req -days 3650 -in server_name.csr -signkey server_name.key -out server_name.crt -extensions v3_req -extfile openssl.cnf检查当前目录是否出现三个文件:
shell
server_name.crt # 使用这个
server_name.csr
server_name.key # 使用这个0