1.安装openssl

1.1查看是否安装了openssl

[root@hh ~]# rpm -ql openssl

1.2未安装,使用安装命令

yum install openssl

1.3安装完或已安装的会出现一下目录,可能会多一些目录

/etc/pki/CA
/etc/pki/CA/certs
/etc/pki/CA/crl
/etc/pki/CA/newcerts
/etc/pki/CA/private
/etc/pki/tls/certs/Makefile
/etc/pki/tls/certs/make-dummy-cert
/etc/pki/tls/certs/renew-dummy-cert
/etc/pki/tls/misc/CA
/etc/pki/tls/misc/c_hash
/etc/pki/tls/misc/c_info
/etc/pki/tls/misc/c_issuer
/etc/pki/tls/misc/c_name

2.创建自签名证书

2.1利用/etc/pki/tls/certs/Makefile中make命令生成证书,需先到该目录下才能使用make命令

cd /etc/pki/tls/certs/Makefile	
ls 
#效果:
[root@hh ~]# cd /etc/pki/tls/certs/
[root@hh certs]# ls
ca-bundle.crt  ca-bundle.trust.crt  make-dummy-cert  Makefile  renew-dummy-cert

2.2创建CA证书
开始会让你填密码,随意设个123456,然后是确定密码,接着让你填’.'继续,最后填上证书信息。
注意

  • 在填写时是只能填一遍,无法使用backspace键,只能输入信息,backspa也会当作信息输入。
  • 证书颁发给 / 颁发者姓名是在倒数第二项中填入,你填什么,最后显示什么,如我填入:ACCVRAIZI
    Common Name (eg, your name or your server's hostname) []:ACCVRAIZI
[root@hh certs]# make ../private/httpd.crt
umask 77 ; \
/usr/bin/openssl genrsa -aes128 2048 > ../private/httpd.key
Generating RSA private key, 2048 bit long modulus
......+++
...........+++
e is 65537 (0x10001)
Enter pass phrase:
Verifying - Enter pass phrase:
umask 77 ; \
/usr/bin/openssl req -utf8 -new -key ../private/httpd.key -x509 -days 365 -out ../private/httpd.crt 
Enter pass phrase for ../private/httpd.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:.
State or Province Name (full name) []:CN
Locality Name (eg, city) [Default City]:Gongd^HDong
Organization Name (eg, company) [Default Company Ltd]:GuangZhou
Organizational Unit Name (eg, section) []:WUT
Common Name (eg, your name or your server's hostname) []:test.com
Email Address []:abc@qq.com

2.3最后用xftp连接你的linux虚拟机或云服务器,自签名证书存放在
/etc/pki/tls/private/路径下

[root@hh certs]# ls /etc/pki/tls/private/
httpd.crt  httpd.key

在这里插入图片描述

2.4证书:颁发者与颁发给为Common name项填写的名字

在这里插入图片描述

# ssl
Logo
Linux

更多推荐

网卡速率和双工模式的配置

http://linux.chinaitlab.com/system/792187.html1、mii-tool 配置网络设备协商方式的工具;    1.1 mii-tool 介绍;    mii-tool - view, manipulate media-independent interface status (mii-tool 是查看,管理介质的网络接口的状态)

avatar Linux

Linux虚拟文件系统之文件系统卸载(sys_umount())

Linux中卸载文件系统由umount系统调用实现,入口函数为sys_umount()。较于文件系统的安装较为简单,下面是具体的实现。1. /*sys_umont系统调用*/2. SYSCALL_DEFINE2(umount, char __user *, name, int, flags)3. {4.struct path path;

avatar Linux

Linux系统下超级终端Minicom的使用方法(例如:连接交换机,路由器等)转http://baike.baidu.com/view/2911642.htm?fr=ala0_1

<br />  Linux系统下超级终端Minicom的使用方法 <br />  Linux下的Minicom的功能与下的超级终端功能相似,适于在通过超级终端对设备的管理以及对嵌入操作系统的升级,现写出Minicom的使用手册: <br />  1. 启动minicom <br />  以root权限登录系统 <br />  使用命令 <br />  minicom –s 则minicom启动,屏

avatar Linux