Mainos / Advertisement:

Ero sivun ”Openssl” versioiden välillä

Kohteesta Taisto
Siirry navigaatioon Siirry hakuun
Rivi 14: Rivi 14:
  
 
   cd /etc/ssl/localcerts
 
   cd /etc/ssl/localcerts
 +
 +
== openssl.cnf ==
 +
 +
  [ req_distinguished_name ]
 +
  countryName                    = Country Name (2 letter code)
 +
  countryName_default            = FI
 +
  countryName_min                = 2
 +
  countryName_max                = 2
 +
 
 +
  stateOrProvinceName            = State or Province Name (full name)
 +
  stateOrProvinceName_default    = Lääni/Provinssi
 +
 
 +
  localityName                    = Locality Name (eg, city)
 +
  localityName_default            = Kaupunki
 +
 
 +
  0.organizationName              = Organization Name (eg, company)
 +
  0.organizationName_default      = Organisaation nimi
 +
 
 +
  # we can do this but it is not needed normally :-)
 +
  #1.organizationName            = Second Organization Name (eg, company)
 +
  #1.organizationName_default    = World Wide Web Pty Ltd
 +
 +
  organizationalUnitName          = Organizational Unit Name (eg, section)
 +
  #organizationalUnitName_default =
 +
 +
  commonName                      = Common Name (e.g. server FQDN or YOUR name)
 +
  commonName_max                  = 64
 +
 
 +
  emailAddress                    = Email Address
 +
  emailAddress_max                = 64
 +
 +
  
 
== RootCA  - Root sertifikaatti==
 
== RootCA  - Root sertifikaatti==

Versio 8. kesäkuuta 2014 kello 21.52

Asennus

1. Asennetaan Openssl

 aptitude install openssl

2. Luodaan kansio locacerts

mkdir /etc/ssl/localcerts

3. Siirry hakemistoon /etc/openssl/localcerts

 cd /etc/ssl/localcerts

openssl.cnf

 [ req_distinguished_name ]
 countryName                     = Country Name (2 letter code)
 countryName_default             = FI
 countryName_min                 = 2
 countryName_max                 = 2
 
 stateOrProvinceName             = State or Province Name (full name)
 stateOrProvinceName_default     = Lääni/Provinssi
 
 localityName                    = Locality Name (eg, city)
 localityName_default            = Kaupunki
 
 0.organizationName              = Organization Name (eg, company)
 0.organizationName_default      = Organisaation nimi
 
 # we can do this but it is not needed normally :-)
 #1.organizationName             = Second Organization Name (eg, company)
 #1.organizationName_default     = World Wide Web Pty Ltd
 organizationalUnitName          = Organizational Unit Name (eg, section)
 #organizationalUnitName_default =
 commonName                      = Common Name (e.g. server FQDN or YOUR name)
 commonName_max                  = 64
 
 emailAddress                    = Email Address
 emailAddress_max                = 64


RootCA - Root sertifikaatti

1. Luodaan RSA avain

 openssl genrsa -des3 -out rootCA.key 4096
  • des3 = salasana suojattu
  • rootCA.key = tiedoston nimi
  • 4096 = RSA avaimen pituus

2. Luodaan sertifikaatti

openssl req -x509 -new -nodes -key rootCA.key -days 36500 -out rootCA.crt
Mainos / Advertisement: