本文共 979 字,大约阅读时间需要 3 分钟。
1.Creating Certificate Signing Requests
openssl req -new -key fd.key -out fd.csr2.After a CSR is generated, use it to sign your own certificate and/or send it to a public CA
and ask it to sign the certificate. openssl req -text -in fd.csr -noout3.openssl x509 -x509toreq -in fd.crt -out fd.csr -signkey fd.key
4.添加以下内容到fd.cnf
[req] prompt = no distinguished_name = dn req_extensions = ext input_password = PASSPHRASE [dn] CN = www.feistyduck.com emailAddress = webmaster@feistyduck.com O = Feisty Duck Ltd L = London C = GB [ext] subjectAltName = DNS:www.feistyduck.com,DNS:feistyduck.com5.openssl req -new -config fd.cnf -key fd.key -out fd.csr
6签署自己的证书
openssl req -new -x509 -days 365 -key fd.key -out fd.crt 或 openssl req -new -x509 -days 365 -key fd.key -out fd.crt -subj “/C=GB/L=London/O=Feisty Duck Ltd/CN=www.feistyduck.com”7.创建对多个主机名有效的证书
openssl x509 -req -days 365 -in fd.csr -signkey fd.key -out fd.crt -extfile fd.ext8.检查证书
openssl x509 -text -in fd.crt -noout转载地址:http://hlwdb.baihongyu.com/