• OpenSSL证书生成参考


    OpenSSL证书生成参考:

    部分参考: https://blog.csdn.net/qq_37979887/article/details/80491849

    Microsoft Windows [版本 6.1.7601]
    版权所有 (c) 2009 Microsoft Corporation。保留所有权利。

    C:UsersXinSai>type server.crt server.key > server.pem

    server.crt

    server.key

    牵涉到密钥的密码是:callcenter(请按你自己的密码设定)

    • 第1步:
    C:UsersXinSai>openssl
    OpenSSL> genrsa -des3 -out server.key 2048
    Generating RSA private key, 2048 bit long modulus (2 primes)
    .............+++++
    ................+++++
    e is 65537 (0x010001)
    Enter pass phrase for server.key:
    Verifying - Enter pass phrase for server.key:
    
    • 第2步:
    OpenSSL> req -new -key server.key -out server.csr
    Enter pass phrase for server.key:
    You are about to be asked to enter information that will be incorporated
    into your certificate request.
    What you are about to enter is what is called a Distinguished Name or a DN.
    There are quite a few fields but you can leave some blank
    For some fields there will be a default value,
    If you enter '.', the field will be left blank.
    -----
    Country Name (2 letter code) [AU]:CN
    State or Province Name (full name) [Some-State]:Beijing
    Locality Name (eg, city) []:Beijing
    Organization Name (eg, company) [Internet Widgits Pty Ltd]:sjht
    Organizational Unit Name (eg, section) []:info technology
    Common Name (e.g. server FQDN or YOUR name) []:www.callcenter.com
    Email Address []:2043785563@qq.com
    
    Please enter the following 'extra' attributes
    to be sent with your certificate request
    A challenge password []:callcenter
    An optional company name []:sjht
    
    
    • 第3步:
    OpenSSL> rsa -in server.key -out server_no_passwd.key
    Enter pass phrase for server.key:
    writing RSA key
    
    
    • 第4步:
    OpenSSL> x509 -req -days 365 -in server.csr -signkey server_no_passwd.key -out server.crt
    Signature ok
    subject=C = CN, ST = Beijing, L = Beijing, O = sjht, OU = info technology, CN =
    callcenter.com, emailAddress = 394703489@qq.com
    Getting Private key
    
    
    • 第5步:quit 退出OpenSSL,直接用cmd执行:
    OpenSSL> quit
    C:UsersXinSai>type server.crt server_no_passwd.key > server.pem.
    server.crt
    server_no_passwd.key
    C:UsersXinSai>
    
    • 第6步:
      最后一步记得合成:
    type server.crt server_no_passwd.key > server.pem
    
    • 第7步:生成iis要用的证书
    OpenSSL> pkcs12 -export -clcerts -in server.crt -inkey server_no_passwd.key -out
     iis.pfx
    Enter Export Password:
    Verifying - Enter Export Password:
    OpenSSL>
    

    去掉浏览器开始提示的HTTPS页面:
    https://blog.csdn.net/haowai501/article/details/80269807

    允许浏览器执行不安全的证书:
    https://segmentfault.com/a/1190000021843971

    1. 找到你的Chrome快捷方式.
    2. 右键图标,选择属性
    3. 找到”目标”文本框,里面的内容是你的Chrome程序路径,类似这样C:UsersAdministratorAppDataLocalGoogleChromeApplicationchrome.exe
    4. 在这段文本的后面输入一个空格,然后输入-ignore-certificate-errors
    5. 修改后的文本应该类似于这样:C:UsersAdministratorAppDataLocalGoogleChromeApplicationchrome.exe -ignore-certificate-errors
    6. 点击确定
    7. 重新打开你的Chrome浏览器
  • 相关阅读:
    《模糊测试--强制发掘安全漏洞的利器》阅读笔记(一)
    BrickerBot
    这些写的很好的PCA文章
    决策树(挖坑待填)
    线性回归
    关于给定DNA序列,如何找到合理的切割位点使得其退火温度保持相对一致
    生成全排列
    AVL树学习笔记
    二叉搜索树
    堆排序
  • 原文地址:https://www.cnblogs.com/zh672903/p/12952431.html
Copyright © 2020-2023  润新知