openssl链式证书

vim ca.conf

openssl genrsa -out root.key 2048

openssl req -new -key root.key -out root.csr -config ca.conf

openssl x509 -req -days 3650 -sha256 -extfile ca.conf -extensions v3_ca -in root.csr -signkey root.key -out root.crt

openssl genrsa -out middle.key 2048

vim ca_intermediate.ext

openssl req -new -key middle.key -out middle.csr -config middle.conf

openssl x509 -req -extfile ca_intermediate.ext -extensions v3_intermediate_ca -days 1800 -sha256 -CA root.crt -CAkey root.key -CAcreateserial -CAserial serial -in middle.csr -out middle.crt

openssl verify -CAfile root.crt middle.crt

openssl x509 -noout -text -in middle.crt

openssl genrsa -out 119.45.253.198.key 2048

openssl req -new -key 119.45.253.198.key -out 119.45.253.198.csr -config 119.45.253.198.conf

openssl x509 -req -extfile 119.45.253.198.conf -extensions v3_server -days 365 -sha256 -CA middle.crt -CAkey middle.key -CAserial serial -in 119.45.253.198.csr -out 119.45.253.198.crt

cat middle.crt root.crt > middle-chain.crt

openssl verify -CAfile middle-chain.crt server.crt

https://blog.csdn.net/baidu_34881991/article/details/129888830

ssl

#开发 #ssl

openssl链式证书

https://zhaops-hub.github.io/2023/03/11/ssl/openssl链式证书/

作者

赵培胜

发布于

2023年3月11日

许可协议

keytool RSA DSA 上一篇

enum 高效实现方式下一篇