openssl创建证书
openssl创建证书
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22root@192:~# mkdir -p /opt/nginx/ssl
root@192:~# cd /opt/nginx/ssl/
root@192:/opt/nginx/ssl# openssl req -newkey rsa:4096 -nodes -sha256 -keyout domain.key -x509 -days 365 -out domain.crt
Generating a 4096 bit RSA private key
........++
.........................................................................................................................................................................................................................................++
writing new private key to \'domain.key\'
\-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
\-----
Country Name (2 letter code) [AU]:CN
State or Province Name (full name) [Some-State]:BJ
Locality Name (eg, city) []:bj
Organization Name (eg, company) [Internet Widgits Pty Ltd]:zhonghui
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) []:d.hub.io
Email Address []:pengliu@brandwisdom.cnopenssl 将证书crt转换为cer
1
root@192:~# openssl x509 -in domain.crt -out domain.cer -outform der