checking ssl certificate with openssl

Installing Apache2sudo Install apache2Installing OpenSSLGeneral system comes with, can be viewed through OpenSSL version, if not,sudo Install OpenSSLCreate a DirectoryCreate a directory that is named SSLsudo mkdir /etc/apache2/sslCreate a self-signed vouchersudo 365 -newkey RSA:2048 -KEYOUT/ETC/APACHE2/SSL/APACHE.KEY-OUT/ETC/APACHE2/SSL/APACHE.CRTOpen Apache

unsafe content. If a page needs to be accessed through HTTPS, all of the elements must be HTTPS, if there are: Pictures, JS script, Flash plug-ins are called through HTTP, it will appear this error, the most common is the call Flash playback plug-ins: codebase = ' http://download.macromedia.com/pub/shockwave/Cabs/flash/swflash.cab ', change HTTP to HTTPS, and test the SSL problem after refreshing. issue: The security

1. Install Nginx support SSL moduleHttp://nginx.org/en/docs/configure.htmlYum-y Install OpenSSH openssh-devel (http_ssl_module module dependent openssh)./Configure --sbin-path=/usr /local/nginx/nginx --conf-path=/usr/local/nginx/nginx. Conf --pid-path=/usr/local/nginx/nginx. PID --with-http_ssl_module --with-pcre=. /pcre-8.38 --with-zlib=. /zlib-1.2.82. Configure NginxHttp://nginx.org/en/docs/http/configuring_https_servers.htmlserv

Nginx cluster SSL Certificate WebApi authentication, nginxwebapi Directory 1 General idea... 1 2 Nginx cluster SSL Certificate WebApi authentication... 1 3 AuthorizeAttribute class... 2 4. generate an SSL certificate using

. Generate Server.key (name not important)OpenSSL genrsa-out Server.key 20483. Generate a Certificate signing requestOpenSSL req-new-key server.key-out server.csr-config openssl.cnfCommon Name is filled in this step, *.baidu.com4. Using a self-signed CA, sign SERVER.SCROpenSSL ca-days 180-in server.csr-out server.crt-cert ca.crt-keyfile ca.key-config openssl.cnf#输入第一步设置的密码, always press Y.SERVER.CRT Server.

Thrift ssl Certificate arrangement, thriftssl 1. Generate A certificate. The number of machines required must be greater than or equal to 2 (one server certificate is generated and one server certificate is generated). The following server uses A as the server and B as the c

1. Configure the SSL module for nginx Nginx does not have an SSL module by default, while nginx 0.7.63 is installed in my VPs by default. The following describes how to upgrade nginx to 0.7.64 and configure the SSL module: Download nginx 0.7.64 and decompress it to the decompressed directory: CopyCode The Code is as follows: wget http://sysoev.ru/nginx/nginx-0

certificate through IE on the client. Enter: If you are afraid of mistakes, you will fill in the country or something. In fact, you only need to write a name. Type: when accessing the web application of CA, it is best to open "more options" and "Advanced Certificate Application". Fill in the URL of the web server in the "note name" column, such as www.boc.cn Please note: The

[root@iz620cgsubhz/tmp]# git clone https://git.dwhd.org/lookback/docker-gitlab.gitCloning to ' Docker-gitlab ' ...Fatal:unable to access ' https://git.dwhd.org/lookback/docker-gitlab.git/': Peer ' s certificate issuer are not recognized. [root@iz620cgsubhz/tmp]# cd/etc/ssl/certs/[root@iz620cgsubhz/etc/ssl/certs]# Make Serial=5This makefile allows your to create:

OpenSSL to convert the format, the specific commands are as follows, replace MYCERT.CRT with your own file. OpenSSL x509-in mycert.crt-out mycert.pem-outform PEM Third, Upyun configuration In the Upyun background find "toolbox"--> "Add SSL Certificate", open the Pem file in Notepad, fill in the

Original address: http://www.lamppr.com/node/648 Generate a certificate using OpenSSL 1. How to generate RSA keys OpenSSL genrsa-des3-out Privkey.pem 2048 This command generates a 2048-bit key with a password that is encrypted by the Des3 method, and if you do not want to enter the password every time, you can change it to:

Before, there is a domain name using the online free SSL certificate, and then want to change the certificate after the expiration of Let's encrypt free certificate, then want to query the domain name SSL certificate How many days

1, Nginx configuration SSL ModuleThe default nginx is no SSL module, and my VPS is installed by default Nginx 0.7.63, incidentally, the Nginx upgrade to 0.7.64 and configure the SSL module as follows:Download Nginx 0.7.64 release, unzip into the extract directory:Copy CodeThe code is as follows:wget http://sysoev.ru/nginx/nginx-0.7.64.tar.gzTar zxvf nginx-0.7.64.

unit Name (eg, section) []:zhangc.com Common name (eg, your name or your server ' s hostname) []:www.zhangc.com Email Address []:vipzhangchao@yeah.net [ROOT@ZHANGC server]# mkdir/etc/vsftpd/certs "Create certificate store Directory" [ROOT@ZHANGC server]# cd/etc/vsftpd/certs/ [ROOT@ZHANGC certs]# OpenSSL genrsa 1024 gt;vsftpd.key ' Create key ' [ROOT@ZHANGC certs]#

, probably the distance expires in three days or more than 10 days before the update, otherwise you will be prompted not to update. (Yesterday updated the certificate, today directly with renew, prompt not allowed to update) #这里方便测试, add parameter--force-renew, can force immediate update (but it seems to have a check, the time will be shorter, such as I have just updated, immediately again execution will be error and prompt does not need to update). C

private key is specified (private key)Generate CSR based on existing CRT files and private keysOpenSSL x509 -in domain.crt -signkey domain.key -x509toreq-out DOMAIN.CSR-x509toreq using X509 certificates to generate CSRStep two: Generate an SSL certificateGenerate a private key and a self-signed certificate:OpenSSL req -newkey rsa:2048-nodes-keyout domain.key -x509-days 365-out domain.crt-days 365 365 days validityTo

'), ('DNS', 'snt145.afx.ms'), ('DNS', 'snt145.mail.live.com'), ('DNS', 'snt146.afx.ms'), ('DNS', 'snt146.mail.live.com'), ('DNS', 'snt147.afx.ms'), ('DNS', 'snt147.mail.live.com'), ('DNS', 'snt148.afx.ms'), ('DNS', 'snt148.mail.live.com')), 'subject': ((('1.3.6.1.4.1.311.60.2.1.3', u'US'),), (('1.3.6.1.4.1.311.60.2.1.2', u'Washington'),), (('businessCategory', u'Private Organization'),), (('serialNumber', u'600413485'),), (('countryName', u'US'),), (('postalCode', u'98052'),), (('stateOrProvince

SSL Certificate Request file (CSR) Generation Guide-TomcatHttp://www.zhenssl.com/support/CSRgen/tomcat_CSR.htm important points to note An Important Note before you StartGenerate your private key at the same time as the CSR file is generated, and if you lose the private key or forget the private key password, the certificate is issued to you and

CentOS 7 self-generated certificate configuration SSL WEB # Install Apache [root @ server0 ~] # Yum-y install httpd mod_ssl # add firewall rules [root @ server0 ~] # Firewall-cmd -- permanent -- add-server = 80/tcp [root @ server0 ~] # Firewall-cmd -- permanent -- add-server = 443/tcp [root @ server0 ~] # Firewall-cmd -- permanent -- add-server = 8080/tcp; firewall-cmd -- reload [root @ server0 ~] # Systemc

1, download the CA certificate from Curl official website (of course, you can also choose to create an SSL CA certificate, refer to 54898870 for details, or Baidu for yourself)CA Certificate: https://curl.haxx.se/docs/caextract.html page to select downloadOr: Https://curl.haxx.se/ca/cacert.pem2. Create a new folder in