openssl3.2/test/certs - 027 - server intermediate ca: sca-cert

LostSpeed2024-01-25 9:50

文章目录

    • [openssl3.2/test/certs - 027 - server intermediate ca: sca-cert](#openssl3.2/test/certs - 027 - server intermediate ca: sca-cert)
    • 概述
    • 笔记
    • END

openssl3.2/test/certs - 027 - server intermediate ca: sca-cert

概述

openssl3.2 - 官方demo学习 - test - certs

笔记

// \file my_openssl_linux_log_doc_027.txt

// \note openssl3.2/test/certs - 027 - server intermediate ca: sca-cert

// --------------------------------------------------------------------------------

// 官方脚本

// --------------------------------------------------------------------------------

// openssl3.2/test/certs - 027 - server intermediate ca: sca-cert

./mkcert.sh genca -p serverAuth "CA" ca-key sca-cert root-key root-cert

// --------------------------------------------------------------------------------

// openssl cmd line parse

// --------------------------------------------------------------------------------

// cmd 1:

openssl genpkey -algorithm rsa -pkeyopt rsa_keygen_bits:2048 -out ca-key.pem

// cmd 2:

// config file = cfg_exp027_cmd2.txt

string_mask=utf8only

[req]

prompt = no

distinguished_name = dn

[dn]

CN = CA

openssl req -new -sha256 -key ca-key.pem -config cfg_exp027_cmd2.txt -out ca-key-req.pem

cmd 3:

// config file = cfg_exp027_cmd3.txt

basicConstraints = critical,CA:true

keyUsage = keyCertSign,cRLSign

subjectKeyIdentifier = hash

authorityKeyIdentifier = keyid

extendedKeyUsage = serverAuth

openssl x509 -req -sha256 -out sca-cert.pem -extfile cfg_exp027_cmd3.txt -CA root-cert.pem -CAkey root-key.pem -set_serial 2 -days 36525 -in ca-key-req.pem

// --------------------------------------------------------------------------------

// openssl log

// --------------------------------------------------------------------------------

openssl genpkey -algorithm rsa -pkeyopt rsa_keygen_bits:2048 -out ca-key.pem

openssl req -new -sha256 -key ca-key.pem -config /dev/fd/63

-config /dev/fd/63 => /home/lostspeed/openssl/openssl-3.2.0_debian/test/certs/my_openssl_linux_log.txt

string_mask=utf8only

[req]

prompt = no

distinguished_name = dn

[dn]

CN = CA

openssl x509 -req -sha256 -out sca-cert.pem -extfile /dev/fd/63 -CA root-cert.pem -CAkey root-key.pem -set_serial 2 -days 36525

-extfile /dev/fd/63 => /home/lostspeed/openssl/openssl-3.2.0_debian/test/certs/my_openssl_linux_log.txt

basicConstraints = critical,CA:true

keyUsage = keyCertSign,cRLSign

subjectKeyIdentifier = hash

authorityKeyIdentifier = keyid

extendedKeyUsage = serverAuth

END

相关推荐
pzs02212 天前
openssl的使用
openssl
小亦小亦_空中接力4 天前
openssl+keepalived安装部署
openssl·keepalived
摸鱼手会滑6 天前
源码编译安装python3.12没有ssl模块,python3.12 ModuleNotFoundError: No module named ‘_ssl‘
ssl·openssl·python3
老朱自强不息18 天前
Windows 平台编译openssl3.3
windows·openssl
promise5241 个月前
openssl 详解
linux·运维·服务器·网络协议·安全·https·openssl
俱会一处1 个月前
用openssl 创建自签名证书用于内网HTTPS
https·openssl·内网·局域网
xiaogengtongxu1 个月前
CA证书和openssl介绍
网络·安全·openssl
蚯蚓也自由1 个月前
openssl版本不同引发的崩溃
linux·服务器·调试·openssl·崩溃
husterlichf2 个月前
openssl req 详解
openssl·ca证书
我想学LINUX2 个月前
【常见开源库的二次开发】基于openssl的加密与解密——SHA算法源码解析(六)
算法·开源·openssl·比特币·sha-1·sha-2·比特币挖矿
热门推荐
01RAG 实践- Ollama+RagFlow 部署本地知识库02组基轨迹建模 GBTM的介绍与实现(Stata 或 R)032024年高教社杯数学建模国赛C题超详细解题思路分析04苍穹外卖面试总结05yolov8实战第五天——yolov8+ffmpg实时视频流检测并进行实时推流——(推流,保姆教学)06【2024数模国赛赛题思路公开】国赛B题思路丨附可运行代码丨无偿自提07Coze扣子平台完整体验和实践(附国内和国际版对比)08CCF-CSP认证考试 202406-3 文本分词 100分题解09【2024高教社杯全国大学生数学建模竞赛】B题 生产过程中的决策问题——解题思路 代码 论文10借助 LocatorJS ,快速定位本地代码