First, you need to understand some basic concepts before installing
1. Certificates used by SSL can be self-generated or signed by a commercial ca such as Verisign or thawte.
2. Certificate concept: First, you must have a root certificate, and then use the root certificate to issue the server certificate and custom
1. After OpenSSL is installed, find OpenSSL. CnF in the/usr/lib/SSL directory (for Ubuntu system, use whereis to check the SSL directory) and copy it to the working directory.
2. Create a New democafolder under the Work directory, create the new files index.txt and serial in the folder, and then
completed, you can use the certificate and private key to generate a PFX format certificate to Microsoft, the command is as follows:OpenSSL pkcs12-export-clcerts-in/home/lengshan/server. CRT -inkey/home/lengshan/server. Key -out/ Home/lengshan/server.p125. Issue Client Authentication Certificate#生成私钥OpenSSL Genrsa-des
Preface openSSL is a powerful encryption tool. many of us are already using openSSL to create RSA private key or certificate signature requests. However, you can use openSSL to test the computer. speed? You can also use it to encrypt files or messages.
Use openssl in linux to generate a csrcrchloroform Certificate
This article mainly draws on and references the content of the following two addresses, then tests and runs on the machine, and makes the following records.
Create the test directory mkdir/tmp/create_key/ca cd/tmp/create_key/
Certificate file generation:
I.
From: http://blog.csdn.net/aking21alinjuju/article/details/7654097
I. Generate a CA certificate
Currently, the CA of a third-party authority is not used for authentication and serves as the CA.
Prerequisites: Download www.openssl.org from the OpenSSL official website to install OpenSSL [Windows and Linux are different]
Start generating certificates and keys
If no
need to add this certificate to the keychain, of course you can double-click the Aps_development.cer file and you will find it associated with the private key.To create a PEM file to your current location, you have three files:CSR filePUSHCHATKEY.P12 private Key FileSSL Certificate (Aps_development.cer)Save these three files well. You can throw the CSR away, but
Create a Test Catalog mkdir/tmp/create_key/cacd/tmp/create_key/ certificate file Generation : One. Server-side 1. Generate the server-side private key (key file): OpenSSL genrsa-des3-out Server.key 1024 The runtime prompts for a password, which is used to encrypt the key file (the parameter des3 is an encryption algorithm or other secure algorithm), and every ti
The first part: overview。。 Part II: System Preparation1 Operating system CentOS 6.xIp:2 Installing OpenSSL Yum Install-y OpenSSL3 Installing the JDKDownload JDK http://www.oracle.com/technetwork/java/javase/downloads/jdk8-downloads-2133151.html from official websiteDownload here is jdk1.8 upload to CentOS6, extract to/opt/jtools/java/directoryConfiguring Environment variablesVim ~/.bash_profileexport java_home=/opt/jtools/java/jdk1.8export classpath=.
certificate is. 1. After OpenSSL is installed, find OpenSSL. CnF in the/usr/lib/SSL directory (for Ubuntu system, use whereis to check the SSL directory) and copy it to the working directory. 2. Create a New democafolder under the Work directory, create the new files in
certificate request, which is only used for Import
P7bDisplay the certificate chain in a tree(CertificateChain)And a single certificate, excluding the private key.
1. caCertificate
Use OpenSSL Create CA Certificate RSA
After sorting out a Windows batch file, 8 steps are required.
Echo off REM reference: http://book.51cto.com/art/201004/192440.htm pushd "E: \ OpenSSL Certificate Management \" Echo. echo 1. creates a random number. rndopenssl rand-out. RND 1000: the meaning of each parameter is as follows: Rand random number command. :-Out output file path. Here, the random number file. RND is output to the current directo
need to be named Cakey.pem in the/etc/pki/ca/private directory because they are in the/etc/pki/tls/openssl configuration file The path and name of the CA key pair and certificate are default , and if you do not store by default, remember to modify the configuration file650) this.width=650; "src="/e/u261/themes/default/images/spacer.gif "style=" Background:url ("/e/u261/lang/zh-cn/ Images/localimage.png ")
I. Create an OpenSSL Certificate:
1. Create the directory./democa/./democa/newcerts/and create the file./democa/index.txt./democa/serial.
2. Run echo 01>./democa/serial.
3. Create your own CA
1. Download compilation and install Configuration
Download the latest or stable version of OpenSSL from the openssld official website (www.openssl.org) (the version of this experiment is openssl-1.0.1c), and decompress the package. After pressurization, because the environment is windows, open the Windows Installation help file (install. w32) in the root directory and compile it according to the file descri
requestP7R is the CA's response to a certificate request and is used only for importP7B Displays the certificate chain (certificate chain) in a tree form, and also supports a single certificate, without a private key.1. CA CertificateTo create the RSA key (PEM format) of th
How to correctly display a Chinese certificate using OpenSSL
Author:Liu Kai mslk.sa@gmail.com
Source:Http://blog.csdn.net/mslk
Posting time:2006-10-23
Browsing times:3896
Font Size:Large, medium and small
How to Use OpenSSL to generate a certificate that correctly displays Chinese Characters
\ Author liukai mslk.sa@gma
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.