Openssl to generate Self-singed certificate - On Windows Platform
来源:互联网 发布:一元夺宝走势图软件 编辑:程序博客网 时间:2024/05/26 19:19
Precondition,
openssl0.9.7c for windows http://gnuwin32.sourceforge.net/downlinks/openssl-bin.php
Installed the Openssl, and nevigate to installed path C:/Program Files/GnuWin32/bin by cmd window. Create a temporary folder C:/CAtemp to store the generated files
1. Generate a private key
The openssl toolkit is used to generate an RSA Private Key
Using the command belows to generate a private key
C:/Program Files/GnuWin32/bin> openssl genrsa -out C:/CAtemp/server.key 1024
genrsa --> generate RSA key
2. Generate a CSR by the private key ( Certificate Signing Request )
In this step, we use the private key generate from 1 to generate a Certificate that waiting for signing.
--> Here we have 2 choices that.
Firstly, using self-signed to sign the certificate
Secondly, using CA industries to sign the certificate, but it's not free but more reliable
Using the command belows to generate an CSR
../bin>openssl req -new -key C:/CAtemp/server.key -out C:/CAtemp/server.csr
But we got the following errors,
../bin> Unable to load config info
../bin> unable to find 'distinguished_name' in config
../bin> problems making Certificate Request
../bin> unable to find 'distinguished_name' in config
../bin> problems making Certificate Request
../bin> ...
It prompt that we miss one config files.
So the right way described as following,
a. To create a config file named openssl.conf and deploy it at C:/Program Files/GnuWin32/bin, acutally not forced to deploy it here.
The content of the openssl.conf,
[ req ]
default_bits = 1024
default_keyfile = ca-key.pem
distinguished_name = req_distinguished_name
attributes = req_attributes
prompt = no
output_password = as12345
[ req_distinguished_name ]
C = CN
ST = Guangdong 测试省份
L = Shenzhen 测试地点
O = Gardent 机构名称
OU = Java 组织单位名称
CN = Aisce 通用名称
emailAddress = email@gmail.com
[ req_attributes ]
challengePassword = 12345678
default_bits = 1024
default_keyfile = ca-key.pem
distinguished_name = req_distinguished_name
attributes = req_attributes
prompt = no
output_password = as12345
[ req_distinguished_name ]
C = CN
ST = Guangdong 测试省份
L = Shenzhen 测试地点
O = Gardent 机构名称
OU = Java 组织单位名称
CN = Aisce 通用名称
emailAddress = email@gmail.com
[ req_attributes ]
challengePassword = 12345678
b. To run the following command to generate the CSR
../bin>openssl req -new -key C:/CAtemp/server.key -out C:/CAtemp/server.csr -config openssl.conf
-config to import the config file
Now the server.csr has been generated with the config file has been imported
3. Generate self-signed certificate (CRT, CeRtificaTe)
../bin>openssl x509 -req -days 365 -in C:/CAtemp/server.csr -signkey C:/CAtemp/server.key -out C:/CAtemp/server.crt
-in : import the CSR certificate
-signkey : the private key that is used to sign the CSR
-out : Generate the certificate
Finally the self-signed certificate has been generated as server.crt.
Reference links:
http://www.akadia.com/services/ssh_test_certificate.html
http://blog.sina.com.cn/s/blog_516811a80100ajnw.html
- Openssl to generate Self-singed certificate - On Windows Platform
- Generate certificate in Java -- Self signed certificate
- How to generate certificate
- How to generate unique key on Android platform
- How to generate self-signed certificate using keytool command of JDK?
- How To Generate A Wallet Containing A Self Signed Certificate Using ORAPKI [ID 560982.1]
- Https SSL Knowledge & how to get a self-signed certificate on ubuntu.
- How to manually generate a Heapdump in WebSphere on Windows
- How to generate an SSH key on Windows using PuTTY?
- GENERATE AN OPENSSL CERTIFICATE REQUEST WITH SHA256 SIGNATURE
- OpenSSL 生成自签名证书(Self-signed SSL certificate)【转】
- Fix “Windows was unable to find a certificate to log you on to the network”
- How to generate self-signed SSL certificates
- Compile openssl on windows
- network command on windows platform
- How to make XAML project to build faster on the Windows Platform
- How to sign a .Sis file with Self-Sign Certificate
- How to create a self-signed SSL Certificate
- Spring + Hibernate + Struts
- 受害人思维 Victim mentality
- lion and the mouse 小人物也起大作用
- 如何用英文写证明书
- 版权属左 copyleft
- Openssl to generate Self-singed certificate - On Windows Platform
- 让你养成终身学习习惯的小提示
- Objective-C for C++ Programmers
- CDMA2000 1X位置服务平台实现方案
- 二、走出软件作坊:三五个人十来条枪 如何成为开发正规军
- 一、技术总监和CTO的区别 浅谈CTO的作用----软件公司如何开源节流
- wcf webhttpbinding
- 对于应用层的一些意见
- pluto PortletServlet类分析