encryption , decryption, and OpenSSL establishing a private CA
Enc DGST
Host
[[Email protected] ca]# (umask 077; OpenSSL genrsa-out private/cakey.pem 2048) Create private key
[[email protected] ca]# OpenSSL req-new-x509-key private/cakey.pem-out cacert.pem-days 7300 generated from the visa book
[email protected] ca]# Touch index.txt
[[email protected] ca]# echo > Serial generate index file
129 Host
[[Email protected] ssl]# (umask 077; OpenSSL genrsa-out httpd.key 2048) establish the server's private key
[[email protected] ssl]# OpenSSL req-new-key httpd.key-out httpd.csr-days 365 Generate private authentication
[Email protected] ssl]# SCP HTTPD.CSR [email protected]:/tmp/long pass public key acquisition certificate
Host
[[email protected] ca]# OpenSSL ca-in/tmp/httpd.csr-out certs/www.qiuye.com.crt-days 365 Generate certificate
[Email protected] ca]# SCP certs/www.qiuye.com.crt [email protected]:/etc/httpd/ssl issued certificate
OpenSSL establishes a private CA