如何在一臺 web 服務器上註冊CA證書
阿新 • • 發佈:2017-09-17
str web服務器 證書 jin stat bsp class ria ask
State or Province Name (full name) []:beijing
Locality Name (eg, city) [Default City]:beijing
Organization Name (eg, company) [Default Company Ltd]:uplooking
Organizational Unit Name (eg, section) []:ops
Common Name (eg, your name or your server‘s hostname) []:www.uplooking.com
Email Address []:[email protected]uplooking.com
4:將證書請求通過scp發送給CA主機
scp httpd.csr [email protected]192.168.23.10:/root/
5:在CA主機上簽署證書(在CA主機上操作),將簽署了的證書先保存在/etc/pki/CA/certs/目錄下
openssl ca -in /root/httpd.csr -out /etc/pki/CA/certs/httpd.crt -days 365
6:將證書發送給web服務器
scp /etc/pki/CA/certs/httpd.crt [email protected]192.168.23.11:/etc/httpd/ssl/
7:查看證書中的信息
openssl x509 -in /etc/httpd/ssl/httpd.crt -noout -serial -subject
試驗環境介紹
(CA的主機為192.168.23.10、httpd的主機為:192.168.23.11)
如何在一臺 web 服務器上註冊CA證書