wiki:tech/OpenSSL

Version 4 (modified by yuna, 55 years ago) (diff)

--

OpenSSLメモ

証明書の作成

秘密鍵と自己証明書の作成。サーバ証明書、クライアント証明書ともこのコマンド一発で作成できる。単に通信路の暗号化するだけなら、これで十分。

$ openssl.exe req -new -x509 -keyout server.key -out server.crt
Loading 'screen' into random state - done
Generating a 1024 bit RSA private key
...........................................++++++
............++++++
writing new private key to 'server-key.pem'
Enter PEM pass phrase: [パスワード入力]
Verifying - Enter PEM pass phrase: [パスワード入力(確認用)]
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:JP                       [日本の国コードJPを入力]
State or Province Name (full name) [Some-State]:Kanagawa   [証明書保有者の県名を入力]
Locality Name (eg, city) []:Kamakura                       [市名を入力]
Organization Name (eg, company) [Internet Widgits Pty Ltd]:[所属組織名(会社名、団体名)等を入力]
Organizational Unit Name (eg, section) []:                 [所属組織における部署を入力]
Common Name (eg, YOUR name) []:Taro Okamoto                [保有者の名前を入力]
Email Address []:taro@gmail.com                            [メールアドレスを入力]
$

これで、server.key(秘密鍵)とserver.crt(証明書)が作成される。