• workspaces only allow trusted client with self-signed cert

    1. 生成CA

    openssl genrsa -out CA_neonone.com.key 2048
openssl req -x509 -new -nodes -key CA_neonone.com.key -sha256 -days 1024 -out CA_neonone.com.pem

     

     2. 生成csr

    openssl genrsa -out neonone.com.key 2048
openssl req -new -key neonone.com.key -out neonone.com.csr

     

     3. 新建v3.ext文件

    authorityKeyIdentifier=keyid,issuer
extendedKeyUsage = serverAuth, clientAuth, codeSigning, emailProtection
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment

    4. 生成证书

     openssl x509 -req -in neonone.com.csr -CA CA_neonone.com.pem -CAkey CA_neonone.com.key -CAcreateserial -out neonone.com.pem -days 365 -sha256 -extfile v3.ext

    5. 转换成pfx

    openssl pkcs12 -inkey neonone.com.key  -in neonone.com.pem  -export -out neonone.com.pfx

    6. 导入win7

    运行 Certmgr.msc

      6.1 导入根证书

      

       6.2 导入客户端证书

      

     7. 上传根证书到aws workspace ad

     
  • 相关阅读:
    java实习生面试
    使用vue可视化界面创建vue项目
    Git操作分支
    ECharts获取Json文件数据
    Java中字符串反转
    es6新增的API
    es5新增的数组的方法
    操作字符串的相关方法
    排序方法总结
    js内置对象-Array
  • 原文地址:https://www.cnblogs.com/divl/p/11937276.html
Copyright © 2020-2023  润新知