- 论坛徽章:
- 0
|
转个东西给你,关于证书的生成
use openssl to create certificate.
Here are the steps with OpenSSL to create a self-signed certificate. Save the CSR that the webserver sent you; here it's called file.csr.
> openssl genrsa -des3 -out ca.key 4096
(creates a 4096 bit RSA key called ca.key)
> openssl req -new -x509 -days 3650 -key ca.key -out ca.crt
(once you've filled in the requested details, creates a certificate called ca.crt using the ca.key file you created in the previous step).
> openssl x509 -req -days 3650 -in file.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out server.crt
(takes the CSR file the CA cert and creates a certificate file for your web server called server.crt)
Now you can install the server.crt file at the admin server by clicking on the 'Install Certificate' link in the Security tab - just paste the file's contents into the message text field.
Note that the '-days 3650' part of the OpenSSL commands above makes your cert valid for about 10 years!
export LD_LIBRARY_PATH=/export/home/
certutil -N -d dirroot/alias -P slapd-prefix- |
|
免费注册
发表于 2006-11-16 16:09
