This section contains the contents of theopenssl.cnffile that can be used on Windows. Be sure to make the appropriate changes to the directories. # # SSLeay example properties file. # This is mostly being used for generation of certificate requests. # RANDFILE = .rnd ### [ ca ] default...
This section contains the contents of theopenssl.cnffile that can be used on Windows. Be sure to make the appropriate changes to the directories. # # SSLeay example properties file. # This is mostly being used for generation of certificate requests. # RANDFILE = .rnd ### [ ca ] default...
生成证书请求文件(csr文件)的命令如下: openssl req -new -key private/cakey.pem -out private/ca.csr -config ./openssl.cnf 该指令会使用刚才设置好的openssl配置文件,而不用使用默认的配置文件。因为Windows系统有时候是没有这个默认的文件的,不像Linux那么自动化。 输入后会提示输入一大堆信息。例如国家简码,...
例子openssl.cnf文件的policy_match节指定了在生成的证书中属性的顺序,如下: countryName stateOrProvinceName organizationName organizationalUnitName commonName emailAddress Example openssl.cnf File ### # openssl example configuration file. # This is mostly used for generation of certificate requests. ### [...
7.4.2 file bio 37 7.4.3 socket bio 38 7.4.4 md BIO 39 7.4.5 cipher BIO 40 7.4.6 ssl BIO 41 7.4.7 其他示例 42 第八章 配置文件 43 8.1 概述 43 8.2 openssl配置文件读取 43 8.3 主要函数 44 8.4 编程示例 44 第九章 随机数 46 ...
典型配置文件为apps/openssl.cnf(同时该文件也是openssl最主要的配置文件) # OpenSSL example configuration file. oid_section = new_oids [ CA_default ] dir = ./demoCA # Where everything is kept certs = $dir/certs # Where the issued certs are kept ...
Override the system configuration file by exporting the OPENSSL_CONF environment variable. This will allow you to test a different configuration without affecting your system wide configuration. export OPENSSL_CONF=mycopy-openssl.cnf Conclusion
Example 3-3. Telling OpenSSL where to find our configuration file # OPENSSL_CONF=/opt/exampleca/openssl.cnf # export OPENSSL_CONF 1. 2. 3.3.3 Creating a Self-Signed Root Certificate [ req ] default_bits = 2048 default_keyfile = /opt/exampleca/private/cakey.pem ...
openssl x509-req-days3650-insan_domain_com.csr-signkey san_domain_com.key-out san_domain_com.crt-extensions v3_req-extfile openssl.cnf 执行后,可看到本目录下多了以下三个文件 代码语言:javascript 代码运行次数:0 运行 AI代码解释 san_domain_com.crt ...
altNames = DNS Name (fully qualified domain name) # 设置多域名或通配符,多个域名用逗号隔开,如:.example.com,example2.com,这里以多域名为例。EOF 生成服务器证书请求:$ openssl req -new -key server.key -out server.csr -config server.cnf 使用根证书签名服务器证书:$ openssl x509 -req -in ...