mkdir /usr/local/apache2/conf/ssl.crt
#为你的Apache服务器创建一个RSA私用密钥
openssl genrsa -des3 -passout pass:asecretpassword -out /usr/local/apache2/conf/ssl.crt/server.key.org 1024
#用服务器RSA私用密钥生成一个证书签署请求(CSR-Certificate Signing Request)
openssl req -new -passin pass:asecretpassword -passout pass:asecretpassword -key /usr/local/apache2/conf/ssl.crt/server.key.org -out /usr/local/apache2/conf/ssl.crt/server.csr -days 3650
# 3650 is ten yearsi对认证签署请求进行认证,得到认证证书
openssl req -x509 -passin pass:asecretpassword -passout pass:asecretpassword -key /usr/local/apache2/conf/ssl.crt/server.key.org -in /usr/local/apache2/conf/ssl.crt/server.csr -out /usr/local/apache2/conf/ssl.crt/server.crt -days 3650
#如果没有这一步,启动apache+ssl会要求输入密码,有下面这一步,就可以不用passwod
openssl rsa -passin pass:asecretpassword -in /usr/local/apache2/conf/ssl.crt/server.key.org -out /usr/local/apache2/conf/ssl.crt/server.key
#
mkdir /usr/local/apache2/conf/ssl.key
#
mv /usr/local/apache2/conf/ssl.crt/server.key /usr/local/apache2/conf/ssl.key/server.key
#
chmod 400 /usr/local/apache2/conf/ssl.key/server.key
阅读(3099) | 评论(0) | 转发(0) |