nginx生成ssl证书

jatter

浏览: 53173 次
性别:
来自: 南京

最近访客更多访客>>

静湖孤子

20731408

eelzs

duanjian502

博主相关

博客

微博

相册

留言

关于我

文章分类

社区版块

存档分类

[root@bbd56c264506 ~]# cd /usr/local/nginx/
[root@bbd56c264506 nginx]# ls
client_body_temp  conf  fastcgi_temp  html  logs  proxy_temp  sbin  scgi_temp  uwsgi_temp
[root@bbd56c264506 nginx]# cd conf/
[root@bbd56c264506 conf]# ls
fastcgi.conf          fastcgi_params          koi-utf  mime.types          nginx.conf          scgi_params          server.crt  server.key      uwsgi_params          win-utf
fastcgi.conf.default  fastcgi_params.default  koi-win  mime.types.default  nginx.conf.default  scgi_params.default  server.csr  server.key.org  uwsgi_params.default
[root@bbd56c264506 conf]# vi nginx.conf
[root@bbd56c264506 conf]# 
[root@bbd56c264506 conf]# 
[root@bbd56c264506 conf]# 
[root@bbd56c264506 conf]# ls
fastcgi.conf          fastcgi_params          koi-utf  mime.types          nginx.conf          scgi_params          server.crt  server.key      uwsgi_params          win-utf
fastcgi.conf.default  fastcgi_params.default  koi-win  mime.types.default  nginx.conf.default  scgi_params.default  server.csr  server.key.org  uwsgi_params.default
[root@bbd56c264506 conf]# openssl genrsa -des3 -out server_test.key 1024
Generating RSA private key, 1024 bit long modulus
.............................++++++
..++++++
e is 65537 (0x10001)
Enter pass phrase for server_test.key:
Verifying - Enter pass phrase for server_test.key:
[root@bbd56c264506 conf]# openssl req -new -key server_test.key -out server_test.csr
Enter pass phrase for server_test.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:ZH
State or Province Name (full name) []:JS
Locality Name (eg, city) [Default City]:NJ
Organization Name (eg, company) [Default Company Ltd]:BOSYUN
Organizational Unit Name (eg, section) []:BOSYUN
Common Name (eg, your name or your server's hostname) []:test.bosyun.com
Email Address []:jun.wang@imgchina.com.cn

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:123456
An optional company name []:BOSYUN
[root@bbd56c264506 conf]# cp server_test.key server_test.key.org
[root@bbd56c264506 conf]# openssl rsa -in server_test.key.org -out server_test.key 
Enter pass phrase for server_test.key.org:
writing RSA key
[root@bbd56c264506 conf]# openssl x509 -req -days 365 -in server_test.csr -signkey server_test.key -out server_test.crt
Signature ok
subject=/C=ZH/ST=JS/L=NJ/O=BOSYUN/OU=BOSYUN/CN=test.bosyun.com/emailAddress=jun.wang@imgchina.com.cn
Getting Private key

分享到：