$ openssl req -new -key ca.key -out ca.csr You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what iscalled a Distinguished Nameor a DN. There are quite a few fields but you can leave some blank Forsome fields there will be a defaultvalue, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]: State or Province Name (fullname) [Some-State]: Locality Name (eg, city) []: Organization Name (eg, company) [Internet Widgits Pty Ltd]: Organizational Unit Name (eg, section) []: Common Name (e.g. server FQDN or YOUR name) []:ipv6.zywvvd.com Email Address []:
Please enter the following'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []:
$ openssl req -new -key server_private.key -outserver.csr You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what iscalled a Distinguished Nameor a DN. There are quite a few fields but you can leave some blank Forsome fields there will be a defaultvalue, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]: State or Province Name (fullname) [Some-State]: Locality Name (eg, city) []: Organization Name (eg, company) [Internet Widgits Pty Ltd]: Organizational Unit Name (eg, section) []: Common Name (e.g. server FQDN or YOUR name) []:ipv6.zywvvd.com Email Address []:
Please enter the following'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []:
Generating a RSA private key ...+++++ .....................................+++++ writing newprivate key to'nginx.key' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]: State or Province Name (full name) [Some-State]: Locality Name (eg, city) []: Organization Name (eg, company) [Internet Widgits Pty Ltd]: Organizational Unit Name (eg, section) []: Common Name (e.g. server FQDN or YOUR name) []:ipv6.zywvvd.com Email Address []:
生成 nginx.key nginx.crt 文件
流程二
设置server.key,这里需要设置两遍密码:
1
openssl genrsa -des3 -out server.key 2048
参数设置,首先这里需要输入之前设置的密码:
1
openssl req -new -key server.key -out server.csr
然后需要输入如下的信息,Common Name 需要正确填写
1 2 3 4 5 6 7 8 9 10 11 12
Country Name (2 letter code) [AU]: 国家名称 State or Province Name (full name) [Some-State]: 省 Locality Name (eg, city) []: 城市 Organization Name (eg, company) [Internet Widgits Pty Ltd]: 公司名 Organizational Unit Name (eg, section) []: Common Name (e.g. server FQDN or YOUR name) []: 网站域名 Email Address []: 邮箱
Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: 这里要求输入密码 An optional company name []: