![[PukiWiki]](pukiwiki.png "[PukiWiki]")
SSL通信をするためのSSL証明書作成手順
$ openssl genrsa -des3 -out key.pem 1024 $ openssl rsa -in key.pem -out key.pem $ openssl req -new -days 365 -key key.pem -out csr.pem
最後のコマンドラインを実行するといくつか質問されるので適当妥当な答えを入れておきます。自分だけで使うので適当に入れても問題がないということなのだと自分では思ってますが…
Country Name (2 letter code) [AU]:JP State or Province Name (full name) [Some-State]: Locality Name (eg, city) []: Organization Name (eg, company) [Internet Widgits Pty Ltd]: Organizational Unit Name (eg, section) []: Common Name (eg, your name or your server's hostname) []:自分のホスト名 Email Address []: Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []: cd /usr/local/apache2/ssl ./CA.sh -newca
Country Name (2 letter code) [AU]:JP State or Province Name (full name) [Some-State]: Locality Name (eg, city) []: Organization Name (eg, company) [Internet Widgits Pty Ltd]: Organizational Unit Name (eg, section) []: Common Name (eg, your name or your server's hostname) []:自分のホスト名 openssl ca -in /home/jp/source/csr.pem \ -keyfile demoCA/private/cakey.pem -cert \ demoCA/cacert.pem -out /usr/local/apache2/cert.pem [root@sigel conf]# mkdir ssl.crt [root@sigel conf]# mv ../cert.pem server.crt [root@sigel conf]# mkdir ssl.key [root@sigel conf]# cp /home/jp/source/key.pem ssl.key/ [root@sigel conf]# mv server.crt ssl.crt/ [root@sigel conf]# mv ssl.key/key.pem ssl.key/server.key
