Build your own certificate issuing service (CA) and build a certificate issuing ca
This article original from the http://blog.csdn.net/voipmaker reprint indicate the source.
This series of articles is divided into three parts. It mainly introduces
This document uses the root CA private key and certificate created in the experiment environment to create an intermediate CA. For easy differentiation, the CA that creates an intermediate CA (intermediate CA) is called the root CA ).For more
Transferred from:
Http://rhythm-zju.blog.163.com/blog/static/310042008015115718637/
All rights reserved. If you need to reprint it, please indicate the source
I have studied SSL/TLS some time ago and read the English version of Eric rescorla's SSL
Build your own certificate issuing service (CA)
This series of articles is divided into three parts. It mainly introduces how to build your own certificate issuing service, generate certificate requests, and sign the generated certificate request
I. Theoretical knowledge
What is ca?
Ca is short for Certificate Authority. It is usually translated into an authentication authority or a certification center. It is mainly used to issue digital certificates to users. This digital certificate
First, obtain the certificate1. Obtained from CA2. Obtained from WINDOWS2003 Certificate service3, using the MakeCert tool to obtainSecond, the preservation of certificates1. Save in certificate store2. Save in file Form2.1. Certificate with private
In a recent project, the establishment of the PKI system has not been completed before, so it was confused at the beginning. I slowly found out some results and shared them with you. I hope you can correct the incorrect information.
At present, the
0. EnvironmentInstallation of Nginx, installation of OpenSSL1. Configuration and scriptingFirst create a demo directory (the location of their own choice, I choose to build in the Nginx directory):mkdir /etc/nginx/ca-/etc/nginx/ca-demoModify the SSL
[Slightly abridged] In order to achieve the popularity of the effect, I will try to use the more obvious, non-technical language to clear.★ First to say a popular exampleConsidering the knowledge of the certificate system is more dull and obscure.
Lab environment:Virtual Machine: VMware® Workstation 12 ProHost A: the ip address is 10.1.20.55/16. Create a ca and provide the CA service to other hosts.Host B: httpd server, ip address: 10.1.249.115/161. View the openssl configuration file/etc/pki/
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.