Self-built CA Based on OpenSSL and SSL certificate issuance
For details about SSL/TLS, see the SSL/TLS principles.For more information about Certificate Authority (CA) and digital certificate, see OpenSSL and SSL digital certificate
In HTTPS learning note two, the concept of digital certificates has been clarified, composed and how the client validates the server-side certificate during the HTTPS connection process. This chapter describes how to use the OpenSSL library to
1. After OpenSSL is installed, find OpenSSL. CnF in the/usr/lib/SSL directory (for Ubuntu system, use whereis to check the SSL directory) and copy it to the working directory.
2. Create a New democafolder under the Work directory, create the new
However, when I follow the steps above, the HTTPS service will not start, and the certificate file will always be prompted that it does not exist or the format is invalid. After a
Digital Certificate and its authentication process [reprinted], digital certificate reprinted
As we all know, public key cryptography makes it easy to use digital signatures, encrypted communications, and other key services by using the public key
ObjectiveI read a lot of information, only to write this article, if there are errors, please put forward the reader in time.In general, when you use Remote Desktop to connect to Windows Server, there is always a warning prompt, 1Figure 1This
OpenSSL genrsa-out server.key 1024 (no password required)OpenSSL Req-new-key server.key-out SERVER.CSRCat SERVER.CSRPaste the above text into http://dc2.sankuai.info/certsrv/request Advanced Certificate request---->web Server certificate, OK,
The OpenSSL Certificate Action command generates a self signed certificate# Generate a key, your private key, OpenSSL will prompt you to enter a password, you can enter, you can not lose,# Enter the words, each time you use this key to enter the
What is CA:
CA (Certificate authority) is the abbreviation of digital Certificate Certification Center, refers to the issuing, management, abolition of digital certificate institutions.
The role of a CA is to check the legitimacy of the identity of
I. Generate a CA certificate
Currently, the CA of a third-party authority is not used for authentication and serves as the CA.
Prerequisites: Download www.openssl.org from the
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
and provide relevant evidence. A staff member will contact you within 5 working days.