openssl 产生证书及签名

9月 1, 2023 | 
-x509产生自签名证书
openssl req -x509 -newkey rsa:2048 -keyout ca-key.pem -out ca.pem -days 3650 -nodes

#产生key和证书请求
openssl req -newkey rsa:2048 -keyout client.pem -out client-req.pem  
	-days 3650 -nodes  -subj "/C=US/O=iAndreev/CN=host2"

openssl x509 -req -in client-req.pem -days 3600 -CA ca.pem -CAkey ca-key.pem 
	-out client-cert.pem -set_serial 01

openssl req 用来产生证书请求,可以顺带产生秘钥对
openssl x509 使用CA证书来颁发新的证书

Posted in: 服务器

Comments are closed.

国外VPS推荐