How to Use OpenSSL to create a certificate

If you want to create a self-signed certificate that is not valid for one year, or provide additional information about yourself, you can use Open SSL to create a certificate, instead of the standard tool that comes with the SDK: makekeys.

The following command demonstrates how to create a self-Signed key/certificate pair with a 10-year validity period.

 
OpenSSL genrsa 1024> selfsigned. keyopenssl req-New-X509-nodes-sha1-days 3650-key selfsigned. Key> selfsigned. Cer
 

After entering the second command, you will be prompted to enter various information about yourself, which will be embedded in the certificate ). This process only needs to be executed once, and then the generated certificate is saved for future use with createsis or signsis.

 

------------------------------------------------------------------------------

I tried it and the result showed this error:Unable to load config info from/usr/local/SSL/OpenSSL. CNF

 

It turns out that the key generated by others is used directly. Unfortunately, it is used on UNIX and not suitable for Win32! There is no way to integrate opensso again. However, when using opensso [Unable to load config info from/usr/local/SSL/OpenSSL. CNF] Exception. Although this is the default UNIX setting, there is no way to create a file [C:/usr/local/SSL], Download OpenSSL from the Internet. conf, and then change to OpenSSL. CNF is placed in the C:/usr/local/SSL directory. After that, the key is fixed and Apache can be started to celebrate.
Access https: // localhost/login, which is a white screen and does not start Apache SSL. Run APACHE-d ssl and OK in cmd. Everything is done.
Some optimization methods are to comment out <ifdefine SSL> in the SSL. conf file to directly start SSL.

There are still some problems in the configuration, for example ,[Invalid sslmutex argument file: logs/DD (valid sslmutex mechanic isms are: 'none ',
Default ')]. This is a bug in Apache. Only default or none can be used.