Tạo website certificate bằng openssl

Download và cài đặt openssl:

https://slproweb.com/download/Win64OpenSSL-1_1_1d.exe

Tạo root CA certificate:

openssl genrsa -out rootCA.key 4096
openssl req -new -x509 -key rootCA.key -out rootCA.crt -days 365000 -sha512

Tạo website certificate:

openssl genrsa -out hoshizora.key 4096
openssl req -new -key hoshizora.key -out hoshizora.csr
openssl x509 -req -in hoshizora.csr -CA rootCA.crt -CAkey rootCA.key -CAcreateserial -out hoshizora.crt -days 730 -sha512 -extfile hoshizora.ext

Nội dung file hoshizora.ext:

subjectAltName = @alt_names

[alt_names]
DNS.1 = hoshizora.com
DNS.2 = *.hoshizora.com
IP.1 = 127.0.0.1

Tạo self signed certificate:

openssl req -x509 -newkey rsa:4096 -keyout localhost.key -out localhost.crt -nodes -days 365 -subj "/CN=localhost" -addext "subjectAltName = DNS:localhost"

Tạo file certificate pfx cho IIS:

openssl pkcs12 -export -out hoshizora.pfx -inkey hoshizora.key -in hoshizora.crt

H	B	T	N	S	B	C
						1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28	29
30	31

Experiences

Tạo website certificate bằng openssl

admin

Trả lời Hủy