自定义ssl证书
2016-07-07 19:28
274 查看
#!/bin/sh
# create self-signed server certificate:
read -p "Enter your domain [www.example.com]: " DOMAIN
echo "Create root certificate key with password..."
openssl genrsa -des3 -out $DOMAIN.root.key 2048
echo "Create root certificate signing request..."
ORG="Wenxiaoyou(Beijing)Technology,Co.,Ltd"
SUBJECT="/C=CN/ST=Beijing/L=Beijing/O=$ORG/OU=ITDept./CN=$DOMAIN"
openssl req -new -subj $SUBJECT -key $DOMAIN.root.key -out $DOMAIN.root.csr
echo "Remove password..."
openssl rsa -in $DOMAIN.root.key -out $DOMAIN.key
echo "Create server certificate signing request..."
openssl req -new -subj $SUBJECT -key $DOMAIN.key -out $DOMAIN.server.csr
echo "Sign SSL certificate..."
openssl x509 -req -days 3650 -in $DOMAIN.root.csr -signkey $DOMAIN.root.key -out $DOMAIN.root.crt
openssl x509 -req -days 3650 -CA $DOMAIN.root.crt -CAkey $DOMAIN.key -CAcreateserial -in $DOMAIN.server.csr -out $DOMAIN.server.crt
echo "TODO:"
echo "Copy $DOMAIN.crt to /etc/nginx/ssl/$DOMAIN.crt"
echo "Copy $DOMAIN.key to /etc/nginx/ssl/$DOMAIN.key"
echo "Add configuration in nginx:"
echo "server {"
echo " ..."
echo " listen 443 ssl;"
echo " ssl_certificate /etc/nginx/ssl/$DOMAIN.crt;"
echo " ssl_certificate_key /etc/nginx/ssl/$DOMAIN.key;"
echo "}"
# create self-signed server certificate:
read -p "Enter your domain [www.example.com]: " DOMAIN
echo "Create root certificate key with password..."
openssl genrsa -des3 -out $DOMAIN.root.key 2048
echo "Create root certificate signing request..."
ORG="Wenxiaoyou(Beijing)Technology,Co.,Ltd"
SUBJECT="/C=CN/ST=Beijing/L=Beijing/O=$ORG/OU=ITDept./CN=$DOMAIN"
openssl req -new -subj $SUBJECT -key $DOMAIN.root.key -out $DOMAIN.root.csr
echo "Remove password..."
openssl rsa -in $DOMAIN.root.key -out $DOMAIN.key
echo "Create server certificate signing request..."
openssl req -new -subj $SUBJECT -key $DOMAIN.key -out $DOMAIN.server.csr
echo "Sign SSL certificate..."
openssl x509 -req -days 3650 -in $DOMAIN.root.csr -signkey $DOMAIN.root.key -out $DOMAIN.root.crt
openssl x509 -req -days 3650 -CA $DOMAIN.root.crt -CAkey $DOMAIN.key -CAcreateserial -in $DOMAIN.server.csr -out $DOMAIN.server.crt
echo "TODO:"
echo "Copy $DOMAIN.crt to /etc/nginx/ssl/$DOMAIN.crt"
echo "Copy $DOMAIN.key to /etc/nginx/ssl/$DOMAIN.key"
echo "Add configuration in nginx:"
echo "server {"
echo " ..."
echo " listen 443 ssl;"
echo " ssl_certificate /etc/nginx/ssl/$DOMAIN.crt;"
echo " ssl_certificate_key /etc/nginx/ssl/$DOMAIN.key;"
echo "}"
相关文章推荐
- Mac下IDEA的使用之常用快捷键篇
- VS2015 使用微软自带的单元测试框架测试本地C++代码的注意事项
- java,method,contructor,class,属性 程序
- push_heap 源码剖析
- ListView中的每个Item嵌套使用ToggleButton
- laravel框架中使用model层
- 基于tiny4412的Linux内核移植 -- 设备树的展开
- {小结}2016.07.07【初中部 NOIP提高组 】模拟赛C
- 《机器学习》周志华 习题答案 10.1
- 残缺棋盘问题
- 使用maven一步一步构建spring mvc项目
- PIL初步学习
- [置顶] php高效率写法
- KMP
- 安装 RPM 包或者安装源码包
- 自定义View
- 如何修改Main.storyboard文件里模拟器的大小
- 自动轮播
- eclipse反编译插件jd-eclipse
- 矩阵 快速幂