Tag Archives: openssl

申请证书-1

申请SSL证书,首先要生成证书请求文件CSR,一般的方式是在你要安装的ssl证书的服务器上生成该文件,下面是在linux服务器上生成CSR和key密钥文件的方法,登录服务器后: 输入如下命令 ,然后回车,这将生成key 和 CSR,以下命令中的域名可以替换成你自己的域名,。

openssl req -out www_cheapssl_cn.csr -new -sha256 -newkey rsa:2048 -nodes -keyout www_cheapssl_cn.key

以上是生成CSR的命令, 以下是整个生成CSR的过程,以供参考。

[root@lala ~]# openssl req -out www_cheapssl_cn.csr -new -sha256 -newkey rsa:2048 -nodes -keyout www_cheapssl_cn.key
Generating a 2048 bit RSA private key
……………………………………………………………….+++
……………………………………………+++
writing new private key to ‘www_cheapssl_cn.key’
—–
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ‘.’, the field will be left blank.
—–
Country Name (2 letter code) [XX]:CN //国家 中国填写CN
State or Province Name (full name) []: Guangdong //省
Locality Name (eg, city) [Default City]: Guangzhou //市
Organization Name (eg, company) [Default Company Ltd]: Cheapssl //填写组织或企业名称 ,如果是个人随便填写 一般填写英语或拼音
Organizational Unit Name (eg, section) []: IT //部门
Common Name (eg, your name or your server’s hostname) []: www.cheapssl.cn //这个最重要 填写要申请证书的域名
Email Address []: admin@cheapssl.cn //邮箱 Please enter the following ‘extra’ attributes
to be sent with your certificate request
A challenge password []: //不用填写 回车即可
An optional company name []: //不用填写 回车即可

完成后将生成两个文件 www_cheapssl_cn.csr 和 www_cheapssl_cn.key ,打开www_cheapssl_cn.csr ,复制里面所有代码,用于申请证书 ,保存好 www_cheapssl_cn.key ,安装的时候要用到这个文件。

from:在Linux服务器或VPS上生成CSR(证书请求文件)

refer:

Generate a CSR for Apache with OpenSSL

OpenSSL CSR Creation for Apache

生成CSR证书请求文件

常用Openssl命令