生成10年https证书

2024-05-16 本文已影响0人 yangqing

生成私钥

openssl genrsa -rand /proc/apm:/proc/cpuinfo:/proc/dma:/proc/filesystems:/proc/interrupts:/proc/ioports:/proc/pci:/proc/rtc:/proc/uptime 2048 > localhost.key 2> /dev/null

生成证书

openssl req -new -key /etc/pki/tls/private/localhost.key \
         -x509 -sha256 -days 3650 -set_serial $RANDOM -extensions v3_req \
         -out /etc/pki/tls/certslocalhost.crt

查看证书

openssl x509 -in /etc/pki/tls/certs/localhost.crt -text

一键脚本生成httpd的https证书

#!/bin/sh
if [ -f /etc/pki/tls/private/localhost.key -o -f /etc/pki/tls/certs/localhost.crt ]; then
   exit 0
fi

/usr/bin/openssl genrsa -rand /proc/apm:/proc/cpuinfo:/proc/dma:/proc/filesystems:/proc/interrupts:/proc/ioports:/proc/pci:/proc/rtc:/proc/uptime 2048 > /etc/pki/tls/private/localhost.key 2> /dev/null

FQDN=`hostname`
if [ "x${FQDN}" = "x" -o ${#FQDN} -gt 59 ]; then
   FQDN=localhost.localdomain
fi

cat << EOF | /usr/bin/openssl req -new -key /etc/pki/tls/private/localhost.key \
         -x509 -sha256 -days 3650 -set_serial $RANDOM -extensions v3_req \
         -out /etc/pki/tls/certs/localhost.crt 2>/dev/null
--
SomeState
SomeCity
SomeOrganization
SomeOrganizationalUnit
${FQDN}
root@${FQDN}
EOF

生成10年https证书

生成私钥

生成证书

查看证书

一键脚本生成httpd的https证书

猜你喜欢

热点阅读