Fedora18 証明書の作成
●証明書の作成方法
[root@localhost ~]# cd /etc/pki/tls/certs/
サーバー鍵の作成
[root@localhost certs]# make server.key
umask 77 ; \
/usr/bin/openssl genrsa -aes128 2048 > server.key
Generating RSA private key, 2048 bit long modulus
........................................................................................+++
.............................+++
e is 65537 (0x10001)
Enter pass phrase: #パスフレーズ入力 0987654321 (例)
Verifying - Enter pass phrase: #再度入力
秘密鍵からパスフレーズを削除します
[root@localhost certs]# openssl rsa -in server.key -out server.key
Enter pass phrase for server.key: 先ほどのパスフレーズを入力します
writing RSA key
証明書作成
[root@localhost certs]# make server.csr
umask 77 ; \
/usr/bin/openssl req -utf8 -new -key server.key -out server.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
----- ↓以下任意に環境に合わせて入力ください
Country Name (2 letter code) [XX]:JP
State or Province Name (full name) []:Tokyo
Locality Name (eg, city) [Default City]:Tokyo
Organization Name (eg, company) [Default Company Ltd]:sample.com
Organizational Unit Name (eg, section) []:Web Server
Common Name (eg, your name or your server's hostname) []:sample.com
Email Address []:administrator@sample.com
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:0987654321
An optional company name []:
●有効期限が10年の自己証明書を作成します。
[root@localhost certs]# openssl x509 -in server.csr -out server.crt -req -signkey server.key -days 3650
Signature ok
subject=/C=JP/ST=Tokyo/L=Tokyo/O=sample.com/OU=Web/CN=sample.com/emailAddress=administrator@sample.com
Getting Private key
証明書はroot以外読取できないようにします。
[root@localhost certs]# chmod 400 server.*
[root@localhost certs]# ls -l
合計 1480
-rw-r--r--. 1 root root 2242 9月 11 04:06 Makefile
-rw-r--r--. 1 root root 704495 7月 23 2012 ca-bundle.crt
-rw-r--r--. 1 root root 787088 7月 23 2012 ca-bundle.trust.crt
-rwxr-xr-x. 1 root root 610 9月 11 04:06 make-dummy-cert
-r-------- 1 root root 1387 2月 11 20:31 server.crt
-r-------- 1 root root 1184 2月 11 20:30 server.csr
-r-------- 1 root root 1679 2月 11 20:27 server.key
★CentOS7 まとめ
★Ubuntu14 まとめ
★Ubuntu12用無線アダプタ紹介
★Ubuntu12 まとめ
★Server 2008R2 まとめ
★SCCM2012R2 まとめ
★Windows10 アップグレード
★Windows7 まとめ
★Windows7 SSD まとめ
★Windows8 まとめ
★EaseUS Todo Backup Server
★Linux Destbision まとめ
★Linuxコマンド関連Index
★Zorin8.1まとめ
★Fedora17まとめ
★Fedora15まとめ
☆VB Script まとめ
★USB3.0で快適バックアップ
★リンク集・メール
・はじめての自宅サーバ構築 - Fedora/CentOS -
SCCM Backup 遠隔操作 VirtualBox FeliCaポート/パソリ ESXi
<%plugin_third_description>
<%plugin_third_content><%plugin_third_description2>