Transferred from:
Http://rhythm-zju.blog.163.com/blog/static/310042008015115718637/
All rights reserved. If you need to reprint it, please indicate the source
I have studied SSL/TLS some time ago and read the English version of Eric rescorla's SSL
I. Introduction of OpenSSL
OpenSSL is currently the most popular SSL cipher library tool that provides a common, robust, and fully functional suite of tools to support the implementation of the SSL/TLS protocol.Official website:
In HTTPS learning note two, the concept of digital certificates has been clarified, composed and how the client validates the server-side certificate during the HTTPS connection process. This chapter describes how to use the OpenSSL library to
Self-built CA Based on OpenSSL and SSL certificate issuance
For details about SSL/TLS, see the SSL/TLS principles.For more information about Certificate Authority (CA) and digital certificate, see OpenSSL and SSL digital certificate
SSL security certificates can be generated on their own or through a third-party CA (certification authority) Certification Center payment request. SSL security certificates include: 1, CA certificate, also called root certificate or intermediate
1. After OpenSSL is installed, find OpenSSL. CnF in the/usr/lib/SSL directory (for Ubuntu system, use whereis to check the SSL directory) and copy it to the working directory.
2. Create a New democafolder under the Work directory, create the new
OpenSSL self-built certificate SSL + Apache
I have prepared it. Well, the following is my note. For details, enter the author name: wingger.In this article, we will test the certificate on Linux9 + apache2.0.52, tomcat5.5.6, j2se1.5, and
First, you need to understand some basic concepts before installing
1. Certificates used by SSL can be self-generated or signed by a commercial ca such as Verisign or thawte.
2. Certificate concept: First, you must have a root certificate, and
OpenSSL Toolkit is one of the implementation methods of SSL v2/V3 and TLS v1 protocols on Linux, and provides common encryption and decryption functions.
OpenSSLIt consists of three parts:
1:Libcrypto: an encrypted library mainly used to implement
Digital Certificate and its authentication process [reprinted], digital certificate reprinted
As we all know, public key cryptography makes it easy to use digital signatures, encrypted communications, and other key services by using the public key
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.