Alibabacloud.com offers a wide variety of articles about openssl create server certificate, easily find your openssl create server certificate information here online.
The OpenSSL Certificate Action command generates a self signed certificate# Generate a key, your private key, OpenSSL will prompt you to enter a password, you can enter, you can not lose,# Enter the words, each time you use this key to enter the password, security, or there should be a password protection >
and ssleay. Lib under the out32dll directory to the lib directory;
Copy the OpenSSL directory under the inc32 directory to the include directory;
Copy the democa directory under the apps directory and the crypto directory under the root directory to the bin directory;
Since OpenSSL is also required for programming, you also need to configure the programming environment and copy the include directory und
OpenSSL genrsa-out server.key 1024 (no password required)OpenSSL Req-new-key server.key-out SERVER.CSRCat SERVER.CSRPaste the above text into http://dc2.sankuai.info/certsrv/request Advanced Certificate request---->web Server certificate, OK, download base 64 encoded
I. Create an OpenSSL Certificate:
1. Create the directory./democa/./democa/newcerts/and create the file./democa/index.txt./democa/serial.
2. Run echo 01>./democa/serial.
3. Create your own CA
application will be used for information verification when you apply to issue a certificate at the CA center.
(5) $ sudo OpenSSL ca-In testreq. pem-out testres. pem-config OpenSSL. CNF
The CA command is a simulated CA server program that implements the basic functions of the CA se
www.mysite.com.key-in www.mysite.com.pem-passin pass:123456-passout pass:123456-out Www.mysite.com.p126, remove the key password protectionSometimes it is too cumbersome to enter the password, you can remove the key protection password > OpenSSL RSA- in Myserver.key-out server.key.insecure7. Test CertificateOpenSSL provides simple client and server tools that can be used to simulate SSL connections for tes
-wh_50"/>3.WEB Site Request CertificateEnter the/ETC/HTTPD directory to create an SSL directory under which to generate a key for the Web server Http.key650) this.width=650; "src="/e/u261/themes/default/images/spacer.gif "style=" Background:url ("/e/u261/lang/zh-cn/ Images/localimage.png ") no-repeat center;border:1px solid #ddd;" alt= "Spacer.gif"/>650 "this.width=650;" src= "http ://s5.51cto.com/wyfs02/m0
How to correctly display a Chinese certificate using OpenSSL
Author:Liu Kai mslk.sa@gmail.com
Source:Http://blog.csdn.net/mslk
Posting time:2006-10-23
Browsing times:3896
Font Size:Large, medium and small
How to Use OpenSSL to generate a certificate that correctly displays Chinese Characters
\ Author liukai mslk.sa@gma
Use the OpenSSL to verify the certificate chain with the following command:Debian:/home/zhaoya/openssl#openssl verify-cafile Root_cert User_certThe Root_cert can contain a lot of certificates, you can use the Cat command to merge multilevel CA certificates into a file, and then the program will load after startup Root_
-text-in CA.CRTStep Two: Create the server certificate signing request below.#openssl Genrsa-des3-out Server.key 1024(Use OpenSSL genrsa-out server.key 1024) under ditto windowsPass phrase also be set here.Generates the Server.key file and changes the file property to 400.#c
storage certificate chain, this level, the superior, to the root level are stored in a file). The private key cannot be stored, and both Windows and Tomcat support this format. pkcs#12/pfx Format
The PKCS#12 or PFX format is the storage server certificate, intermediate certificate, and private key in encrypted binary
extensions according to the OpenSSL configuration file v3_ca. :-Signkey indicates the self-Signed key. Here it is the ca. Key. pem file. :-In indicates the input file. Here it is the ca. CSR file. :-Out indicates the output file. Here it is the ca. Cer file.: Note: 1) enter the root certificate password: 123456: 2) The built root certificate ca. Cer can be used
the server. Key file is lost.
B) Native server certificate request (CSR)
OpenSSL req-New-key server. Key-out server. CSR
CSR (Certificate Signing Request) is a
MQTT serves as the push message pushing protocol for Android clients. The Android client needs to connect to the MQTT Proxy server via SSL/TLS for encrypted transmission of messages. Implementing this process requires two support, one for the MQTT protocol client and the other for the MQTT proxy server. There are many open-source Mqtt proxy servers, and I choose to use Mosquitto Broker.
Mosquitto install to
Certificate category-Root certificate generates the server certificate, which is the basis of the client certificate. Self-signed.-The server certificate is issued by the root
One: Environment and installation instructionsWin7_64,nginx Server,OpenSSL_Win64. I use the Phpstudy integrated development environment, using nginx+php to support browser HTTPS requests. Nginx:Http://nginx.org/en/download.htmlOpenSSL:Http://slproweb.com/products/Win32OpenSSL.htmlwebsite Address:https://www.openssl.org/source/II: Installation of OpenSSL and configuration1> download after double-click Instal
-days 3650-config./OpenSSL. CNFWill generate1. Private/cakey. pem CA private key2. cacert. pem CA Public Key, that is, the CA certificate. Public servers and clients.
6. Generate a certificate requestCertificate Signing Request (CSR ).OpenSSL req-New-nodes-out Req. pem-config./Ope
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.