Skip to main content


Showing posts from January, 2016

OpenSSL 申请证书

SSL 证书会涉及到的几类文件: privkey.key     the private key for your certificate. identity.csr     the Certificate Signing Request. certificate.crt    the certificate file used in most server software. certificate.pfx   the PKCS#12 format is an archival file that stores both the certificate and the private key. By default, OpenSSL generates keys and CSRs using the PEM format (the raw).   1,Generating a new Private Key openssl genrsa -out private.key 2048   2, Creating Your domain CSR Creating Your domain CSR for an existing private key openssl req -new -key private.key -out identity.csr \     -subj "/C=US/ST=Utah/L=Lehi/O=CREAST, Inc./OU=IT/" or Creating CSR with One command: openssl req --new \    -newkey rsa:4096 -sha256 –nodes --keyout private.key \     -out identity.csr \    -subj "/CN=Bitwarden IdentityServer" -days 10950 Generate a certificate signing request based on an existing certificat