openssl3.2/test/certs - 025 - client intermediate ca: cca-cert

LostSpeed2024-01-24 21:07

文章目录

    • [openssl3.2/test/certs - 025 - client intermediate ca: cca-cert](#openssl3.2/test/certs - 025 - client intermediate ca: cca-cert)
    • 概述
    • 笔记
    • END

openssl3.2/test/certs - 025 - client intermediate ca: cca-cert

概述

openssl3.2 - 官方demo学习 - test - certs

笔记

// \file my_openssl_linux_log_doc_025.txt

// \note openssl3.2/test/certs - 025 - client intermediate ca: cca-cert

// --------------------------------------------------------------------------------

// 官方脚本

// --------------------------------------------------------------------------------

// openssl3.2/test/certs - 025 - client intermediate ca: cca-cert

./mkcert.sh genca -p clientAuth "CA" ca-key cca-cert root-key root-cert

// --------------------------------------------------------------------------------

// openssl cmd line parse

// --------------------------------------------------------------------------------

// cmd 1:

openssl genpkey -algorithm rsa -pkeyopt rsa_keygen_bits:2048 -out ca-key.pem

// cmd 2:

config file = cfg_exp025_cmd2.txt

string_mask=utf8only

[req]

prompt = no

distinguished_name = dn

[dn]

CN = CA

openssl req -new -sha256 -key ca-key.pem -config cfg_exp025_cmd2.txt -out ca-key-req.pem

// cmd 3:

config file = cfg_exp025_cmd3.txt

basicConstraints = critical,CA:true

keyUsage = keyCertSign,cRLSign

subjectKeyIdentifier = hash

authorityKeyIdentifier = keyid

extendedKeyUsage = clientAuth

openssl x509 -req -sha256 -out cca-cert.pem -extfile cfg_exp025_cmd3.txt -CA root-cert.pem -CAkey root-key.pem -set_serial 2 -days 36525 -in ca-key-req.pem

// --------------------------------------------------------------------------------

// openssl log

// --------------------------------------------------------------------------------

openssl genpkey -algorithm rsa -pkeyopt rsa_keygen_bits:2048 -out ca-key.pem

openssl req -new -sha256 -key ca-key.pem -config /dev/fd/63

-config /dev/fd/63 => /home/lostspeed/openssl/openssl-3.2.0_debian/test/certs/my_openssl_linux_log.txt

string_mask=utf8only

[req]

prompt = no

distinguished_name = dn

[dn]

CN = CA

openssl x509 -req -sha256 -out cca-cert.pem -extfile /dev/fd/63 -CA root-cert.pem -CAkey root-key.pem -set_serial 2 -days 36525

-extfile /dev/fd/63 => /home/lostspeed/openssl/openssl-3.2.0_debian/test/certs/my_openssl_linux_log.txt

basicConstraints = critical,CA:true

keyUsage = keyCertSign,cRLSign

subjectKeyIdentifier = hash

authorityKeyIdentifier = keyid

extendedKeyUsage = clientAuth

END

相关推荐
恋喵大鲤鱼1 天前
openssl(1) command
openssl
pzs02214 天前
openssl的使用
openssl
小亦小亦_空中接力6 天前
openssl+keepalived安装部署
openssl·keepalived
摸鱼手会滑8 天前
源码编译安装python3.12没有ssl模块,python3.12 ModuleNotFoundError: No module named ‘_ssl‘
ssl·openssl·python3
老朱自强不息20 天前
Windows 平台编译openssl3.3
windows·openssl
promise5241 个月前
openssl 详解
linux·运维·服务器·网络协议·安全·https·openssl
俱会一处1 个月前
用openssl 创建自签名证书用于内网HTTPS
https·openssl·内网·局域网
xiaogengtongxu1 个月前
CA证书和openssl介绍
网络·安全·openssl
蚯蚓也自由2 个月前
openssl版本不同引发的崩溃
linux·服务器·调试·openssl·崩溃
husterlichf2 个月前
openssl req 详解
openssl·ca证书
热门推荐
01CCF-CSP认证考试 202406-3 文本分词 100分题解02RAG 实践- Ollama+RagFlow 部署本地知识库032024年高教社杯数学建模国赛C题超详细解题思路分析04实战 | 基于YOLOv9和OpenCV实现车辆跟踪计数(步骤 + 源码)05组基轨迹建模 GBTM的介绍与实现(Stata 或 R)06【2024数模国赛赛题思路公开】国赛B题思路丨附可运行代码丨无偿自提07【数据分享】1961—2022年全国范围的逐日降水栅格数据08苍穹外卖面试总结09【2024高教社杯全国大学生数学建模竞赛】B题 生产过程中的决策问题——解题思路 代码 论文10yolov8实战第五天——yolov8+ffmpg实时视频流检测并进行实时推流——(推流,保姆教学)