Ubuntu 新しいページはコチラ
提供: yonewiki
(→証明書の設定) |
(→証明書の設定) |
||
166行: | 166行: | ||
e is 65537 (0x10001) | e is 65537 (0x10001) | ||
/usr/lib/ssl# '''openssl req -new -key ca.key -subj "/C=JP/ST=Tokyo-To/L=Tokyo-city/O=yo-netrollxx/OU=IT dept./CN=yo-netrollxxCA" > ca.csr''' | /usr/lib/ssl# '''openssl req -new -key ca.key -subj "/C=JP/ST=Tokyo-To/L=Tokyo-city/O=yo-netrollxx/OU=IT dept./CN=yo-netrollxxCA" > ca.csr''' | ||
+ | /usr/lib/ssl# '''openssl x509 -days 3650 -req -signkey ca.key < ca.csr > ca.crt''' | ||
+ | Signature ok | ||
+ | subject=/C=JP/ST=Tokyo-To/L=Tokyo-city/O=yo-netrollxx/OU=IT dept./CN=yo-netrollxxCA | ||
+ | Getting Private key | ||
/usr/lib/ssl# '''openssl genrsa 2048 > server.key''' | /usr/lib/ssl# '''openssl genrsa 2048 > server.key''' | ||
Generating RSA private key, 2048 bit long modulus | Generating RSA private key, 2048 bit long modulus | ||
173行: | 177行: | ||
/usr/lib/ssl# '''openssl req -new -key server.key -subj "/C=JP/ST=Tokyo-To/L=Tokyo-city/O=yo-netrollxx/OU=IT dept./CN=192.xxx.xxx.xxx" > server.csr ''' | /usr/lib/ssl# '''openssl req -new -key server.key -subj "/C=JP/ST=Tokyo-To/L=Tokyo-city/O=yo-netrollxx/OU=IT dept./CN=192.xxx.xxx.xxx" > server.csr ''' | ||
/usr/lib/ssl# '''openssl ca -days 3650 -cert ca.crt -keyfile ca.key -in server.csr > server.crt''' | /usr/lib/ssl# '''openssl ca -days 3650 -cert ca.crt -keyfile ca.key -in server.csr > server.crt''' | ||
+ | Using configuration from /usr/lib/ssl/openssl.cnf | ||
+ | Check that the request matches the signature | ||
+ | Signature ok | ||
+ | Certificate Details: | ||
+ | Serial Number: 1 (0x1) | ||
+ | Validity | ||
+ | Not Before: Apr 17 14:47:37 2017 GMT | ||
+ | Not After : Apr 15 14:47:37 2027 GMT | ||
+ | Subject: | ||
+ | countryName = JP | ||
+ | stateOrProvinceName = Tokyo-To | ||
+ | organizationName = yo-netrollxx | ||
+ | organizationalUnitName = IT dept. | ||
+ | commonName = 192.xxx.xxx.xxx | ||
+ | X509v3 extensions: | ||
+ | X509v3 Basic Constraints: | ||
+ | CA:FALSE | ||
+ | Netscape Comment: | ||
+ | OpenSSL Generated Certificate | ||
+ | X509v3 Subject Key Identifier: | ||
+ | XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX | ||
+ | X509v3 Authority Key Identifier: | ||
+ | DirName:/C=JP/ST=Tokyo-To/L=Tokyo-city/O=yo-netrollxx/OU=IT dept./CN=yo-netrollxxCA | ||
+ | serial:XX:XX:XX:XX:XX:XX:XX:XX | ||
+ | |||
+ | Certificate is to be certified until Apr 15 14:47:37 2027 GMT (3650 days) | ||
+ | Sign the certificate? [y/n]:y | ||
+ | |||
+ | |||
+ | 1 out of 1 certificate requests certified, commit? [y/n]y | ||
+ | Write out database with 1 new entries | ||
+ | Data Base Updated | ||
==== '''Apacheのインストール''' ==== | ==== '''Apacheのインストール''' ==== |