Home > Others

Car Certification Center Configuration

Source: Internet
Author: User
Tags install openssl
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

1. Installing the OpenSSL software

[Email protected] ~]# yum-y install OpenSSL

2. configuration Files

172 Basicconstraints=ca:true

3. generate the public key certificate and private key

[Email protected] ~]#/etc/pki/tls/misc/ca-h

Usage:/etc/pki/tls/misc/ca-newcert|-newreq|-newreq-nodes|-newca|-sign|-verify

[[Email protected]~]#/etc/pki/tls/misc/ca-newca

Usingconfiguration from/etc/pki/tls/openssl.cnf

Enterpass phrase For/etc/pki/ca/private/./cakey.pem:

Checkthat the request matches the signature

Signatureok

Certificatedetails:

Serial number:17413805404962385785 (0xf1aa43c0e68f6f79)

Validity

Not Before:jan 08:36:04 2016GMT

Not After:jan 08:36:04 2019GMT

Subject:

CountryName = CN

Stateorprovincename = Beijing

OrganizationName =xuegod

Organizationalunitname = IT

CommonName = xuegod61.cn

EmailAddress [email protected]

X509v3 Extensions:

X509v3 Subject Key Identifier:

da:bd:34:5b:08:8a:90:30:75:7b:59:e3:f6:61:98:94:b6:7c:18:83

X509v3 Authority Key Identifier:

keyid:da:bd:34:5b:08:8a:90:30:75:7b:59:e3:f6:61:98:94:b6:7c:18:83

X509v3 Basic Constraints:

Ca:true

Certificateis to is certified until Jan 08:36:04 2019 GMT (1095 days)

Writeout database with 1 new entries

DataBase Updated

4. view certificates and private keys

[[Email protected]~]# Vim/etc/pki/ca/cacert.pem

View Private key

[[Email protected]~]# Vim/etc/pki/ca/private/cakey.pem

-----BEGIN ENCRYPTED PRIVATE KEY-----

Miifdjbabgkqhkig9w0bbq0wmzabbgkqhkig9w0bbqwwdgqi7zwuluc9vtycagga

Mbqgccqgsib3dqmhbagyhrohdvajawscbmhpufuqdd3i/o+zl+ektx83pe2lhhbl

8pqd6fh+dyzminj1hmycy/nrzbqt/+1blnkismk2ln5yc4lljbxzaodurauovgps

/nbao+70fg5xvosvj1tfyi2h5inf3sbxvapf7bcazcw3uf8w0khwfioflyjuhefv

Xtyvbdrkyrw3bchjy9u8caebkzvhndml7qfjeuary2suovnc49accfiuybnfgvdf

Cohwp1r7/2iem3dhayfdx0h0rsgr60tcko/woihsrljibllsschbl6pwvztzgbpf

Wb54rlx3p3zprtumzxea+1pcxbukznwyziulx31bzpk+u4vumvdund4+o6newkng

Nd2bqgolltpqvq/vdzay94vkxofyryva30zvxem+iauf61tabaex78pnel6yldaz

Nfsrk67pvjtan414y/sknwugxru9mb68hjol1mcdtbka8/mygrbrnq69bmvaumzf

Sh4ymxbuoz9ag/7jicras01asm68fcqangekcxa0nbkoqrwpmkjx5ftjgzblpkhj

rr1u3rr8b9srozrvt8qj0sjpfbyjd+elnazmeinhgfj0r3cg7trvviswibosakk+

38zf4e2hakv1nsrh2uht2sbmwfw74phj3ewuypxs+mhdamcykn2ctj9po+lk6hfp

oj62iapcwzmolr/otqlnid3cgby8frnvl16kmthdhidtnyell3wwdfvsb9b1yv8n

Rlni0v7vyv2zpmu1la7sbyuec7fkpoqleehhueu232h1ut/bneucoykwr0f+ufur

/b2mspqbagu0fx5tsm2d+bpuf2m88qymgynqim5hu4zohhamxjsdnmfmntppuyhq

Xr9equ/l+3plw1khaxvy4npy8swasdgqvx10giev6vauzdgwg5uawvk38qspifag

1hgorkaudv/o+dpempjbemz6ipdzpolqxsjw1ku8bcbghfy5pxoq2yraysobipmw

Kqquf0xcfzhjknpui2gyg+am2fntnwnd0wckf5nr7qq5tsd9llhfckx3oibdwfqb

C12pzgywa3jymqtoegdp3ovkw1tczrhnoqzegahxahekr2t5qbtuiy9xtnoisyel

Mffnf6s6cf3wsfswwuwidirf3kbrhv2/2vzapobfxgfbsyhyadfrjjno2zykqrwu

Zqm5iunltckikmmz9efscwlaiuzgzzgp/nptsd0dpzv5ywvmffn+1ehck8jdwmxq

Fweh3rygn9mwm8pwjajkhfhbogmdr3iilq8u0ppw7saocaj29c/jrxwwajr11t6o

Umi2cdtmrzdpd9qsrle5xplmw6yplbv+wrgm+mos4dfrpnmjrejuud+f4ulsceey

Re2txyhwqoczqd8d6masmgw4dl9silpdttwjfxjmqjujmisilf0ckdiiwbi9lri8

Lu4xe0a6cl3wbvdjfefhun8as6ozq4qsfmqfnx4xvv4bsdwo9hex4dk8hof/aoih

Jwyleebvujdo8fugkfulzcwltzdffsfktvzaornbth1qflfg2rhzmhu4befuy+v7

ofiwqe55l+9zweerjjmpy1bfm7ac5+9+ngpxdsa8ua43b+eafcsf/wsxcg4pmlp/

wpw=

-----END ENCRYPTED PRIVATE KEY-----

5. Client Installation httpd

[email protected] ~]# Yum install httpd-y

6. The client generates the certificate request file, obtains the certificate

[email protected] ~]# Yum install openssl-y

Generate private key

[email protected] ~]# OpenSSL Genrsa-des3-out/etc/httpd/conf.d/server.key

Generate a certificate request file with the private key

[Email protected]~]# OpenSSL REQ-NEW-KEY/ETC/HTTPD/CONF.D/SERVER.KEY-OUT/SERVER.CSR

[Email protected]~]# scp/server.csr [email protected]:/tmp

7. generate a certificate

[Roo[email protected] ~]# OpenSSL Ca-keyfile/etc/pki/ca/private/cakey.pem-cert

/etc/pki/ca/cacert.pem-in/tmp/server.csr-out/server.crt

8. Copy the certificate to the client

[Email protected]]# scp/server.crt 192.168.1.64:/

9. Client install SSL

[Email protected]~]# yum Install mod_ssl-y

client-side configuration SSL

[Email protected]~] #vim/etc/httpd/conf.d/ssl.conf

Change code:sslcertificatefile/etc/httpd/conf.d/server.crt

Sslcertificatekeyfile/etc/httpd/conf.d/server.key

One . Restart service

[Email protected]~] #service httpd restart

Client Access

Browser View Certificate


This article from "Enet-chen" blog, declined reprint!

Car Certification Center Configuration

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
microsoft system center configuration manager microsoft system center configuration manager download microsoft system center configuration manager sccm mastering system center 2012 r2 configuration manager system center 2012 configuration manager unleashed administering and deploying system center 2012 configuration manager book administering and deploying system center 2012 configuration manager

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More