In HTTPS learning note two, the concept of digital certificates has been clarified, composed and how the client validates the server-side certificate during the HTTPS connection process. This chapter describes how to use the OpenSSL library to
Transferred from:
Http://rhythm-zju.blog.163.com/blog/static/310042008015115718637/
All rights reserved. If you need to reprint it, please indicate the source
I have studied SSL/TLS some time ago and read the English version of Eric rescorla's SSL
From: http://blog.chinaunix.net/uid-311680-id-2973653.html
1.1 Use OpenSSL commands to issue level 2 and level 3 digital certificatesThe following uses Linux as an example.
1.1.1 configuration of CA mechanism under OpenSSL in LinuxThe CA mechanism
I. Introduction of OpenSSL
OpenSSL is currently the most popular SSL cipher library tool that provides a common, robust, and fully functional suite of tools to support the implementation of the SSL/TLS protocol.Official website:
Self-built CA Based on OpenSSL and SSL certificate issuance
For details about SSL/TLS, see the SSL/TLS principles.For more information about Certificate Authority (CA) and digital certificate, see OpenSSL and SSL digital certificate
OpenSSL self-built certificate SSL + Apache
I have prepared it. Well, the following is my note. For details, enter the author name: wingger.In this article, we will test the certificate on Linux9 + apache2.0.52, tomcat5.5.6, j2se1.5, and
1. After OpenSSL is installed, find OpenSSL. CnF in the/usr/lib/SSL directory (for Ubuntu system, use whereis to check the SSL directory) and copy it to the working directory.
2. Create a New democafolder under the Work directory, create the new
SSL security certificates can be generated on their own or through a third-party CA (certification authority) Certification Center payment request. SSL security certificates include: 1, CA certificate, also called root certificate or intermediate
Digital Certificate and its authentication process [reprinted], digital certificate reprinted
As we all know, public key cryptography makes it easy to use digital signatures, encrypted communications, and other key services by using the public key
First, you need to understand some basic concepts before installing
1. Certificates used by SSL can be self-generated or signed by a commercial ca such as Verisign or thawte.
2. Certificate concept: First, you must have a root certificate, and
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.