openssl3.2/test/certs - 031 - purpose variants: clientAuth

LostSpeed2024-01-26 0:33

文章目录

    • [openssl3.2/test/certs - 031 - purpose variants: clientAuth](#openssl3.2/test/certs - 031 - purpose variants: clientAuth)
    • 概述
    • 笔记
    • END

openssl3.2/test/certs - 031 - purpose variants: clientAuth

概述

openssl3.2 - 官方demo学习 - test - certs

笔记

/*!

\file my_openssl_linux_log_doc_031.txt

\note openssl3.2/test/certs - 031 - purpose variants: clientAuth

*/

// --------------------------------------------------------------------------------

// official bash script

// --------------------------------------------------------------------------------

// openssl3.2/test/certs - 031 - purpose variants: clientAuth

./mkcert.sh genee -p clientAuth server.example ee-key ee-client ca-key ca-cert

// --------------------------------------------------------------------------------

// openssl cmd line parse

// --------------------------------------------------------------------------------

// cmd 1

openssl genpkey -algorithm rsa -pkeyopt rsa_keygen_bits:2048 -out ee-key.pem

// cmd 2

// config file = cfg_exp031_cmd2.txt

string_mask=utf8only

req

prompt = no

distinguished_name = dn

dn

CN = server.example

openssl req -new -sha256 -key ee-key.pem -config cfg_exp031_cmd2.txt -out ee-key-req.pem

// cmd 3

// config file = cfg_exp031_cmd3.txt

subjectKeyIdentifier = hash

authorityKeyIdentifier = keyid, issuer

basicConstraints = CA:false

extendedKeyUsage = clientAuth

alts

subjectAltName = @alts

DNS=server.example

alts

openssl x509 -req -sha256 -out ee-client.pem -extfile cfg_exp031_cmd3.txt -CA ca-cert.pem -CAkey ca-key.pem -set_serial 2 -days 36525 -in ee-key-req.pem

// --------------------------------------------------------------------------------

// openssl log

// --------------------------------------------------------------------------------

openssl genpkey -algorithm rsa -pkeyopt rsa_keygen_bits:2048 -out ee-key.pem

openssl req -new -sha256 -key ee-key.pem -config /dev/fd/63

-config /dev/fd/63 => /home/lostspeed/openssl/openssl-3.2.0_debian/test/certs/my_openssl_linux_log.txt

string_mask=utf8only

req

prompt = no

distinguished_name = dn

dn

CN = server.example

openssl x509 -req -sha256 -out ee-client.pem -extfile /dev/fd/63 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 2 -days 36525

-extfile /dev/fd/63 => /home/lostspeed/openssl/openssl-3.2.0_debian/test/certs/my_openssl_linux_log.txt

subjectKeyIdentifier = hash

authorityKeyIdentifier = keyid, issuer

basicConstraints = CA:false

extendedKeyUsage = clientAuth

alts

subjectAltName = @alts

DNS=server.example

alts

END

相关推荐
王小义笔记7 天前
windows电脑如何执行openssl rand命令
windows·openssl
Humbunklung10 天前
VC++ 使用OpenSSL创建RSA密钥PEM文件
开发语言·c++·openssl
深耕AI1 个月前
Win64OpenSSL-3_5_2.exe【安装步骤】
openssl
看那山瞧那水1 个月前
DELPHI 利用OpenSSL实现加解密,证书(X.509)等功能
delphi·openssl
洋哥网络科技2 个月前
openssl升级
openssl
Lazy Dave2 个月前
gmssl私钥文件格式
网络安全·ssl·openssl
沉在嵌入式的鱼3 个月前
RK3588移植Openssl库
linux·rk3588·openssl
黑屋里的马3 个月前
ssl相关命令生成证书
服务器·网络·ssl·openssl·gmssl
fangeqin3 个月前
ubuntu源码安装python3.13遇到Could not build the ssl module!解决方法
linux·python·ubuntu·openssl
API开发3 个月前
苹果芯片macOS安装版Homebrew(亲测) ,一键安装node、python、vscode等,比绿色软件还干净、无污染
vscode·python·docker·nodejs·openssl·brew·homebrew
热门推荐
01两千字总结:Codex 国内如何安装和使用的教程,以及如何设置中文回答02GitHub 镜像站点03UV安装并设置国内源04KGG转MP3工具|非KGM文件|解密音频05jdk21下载、安装(Windows、Linux、macOS)06Linux下V2Ray安装配置指南07DeepSeek-VL 解析:混合视觉-语言模型如何超越传统计算机视觉方法08一文了解国产算子编程语言 TileLang,TileLang 对国产开源生态的影响与启示09Claude Code & 智谱GLM-4.5 环境配置指南 (Windows/macOS/Ubuntu)1046个Nano-banana 精选提示词,持续更新中