自签证SSL证书

Author Avatar
Kis Chang 11月 29, 2018

文档并不完善,找时间再填补,先备份历史日志。

1. 自建CA

ca 私钥

1
openssl genrsa -out ca.key 2048

ca 创建

1
2
openssl req -new -x509 -days 36500 -key ca.key -out ca.crt -subj \
"/C=CN/ST=Beijing/L=Beijing/O=Temp/OU=Temp"

2. ssl证书

ssl私钥

1
openssl genrsa -out server.key 2048

创建证书

1
2
openssl req -new -key server.key -out server.csr -subj \
"/C=CN/ST=Beijing/L=Beijing/O=Temborn/OU=tem.com/CN=owncloud.tem.com"

3. 签发ssl证书

准备工作

1
2
3
4
5
6
7
8
mkdir demoCA 
cd demoCA  
mkdir newcerts 
touch index.txt  
echo '01' > serial 
cd ..

openssl ca -in server.csr -out server.crt -cert ca.crt -keyfile ca.key

owncloud 的证书
目录:/mnt/data/certs

1
2
cd /usr/local/share/ca-certificates/
sudo update-ca-certificates