[[Installmemo/OpenSSL]]
http://www.secomtrust.net/service/ninsyo/neforwebsr/5_2.html
[root@inasa /root]# /usr/local/bin/openssl genrsa -des 1024 > /tmp/private.key
Generating RSA private key, 1024 bit long modulus
.....++++++
.........................................++++++
e is 65537 (0x10001)
Enter pass phrase:
Verifying - Enter pass phrase:
[root@inasa /root]# cat /tmp/private.key
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-CBC,624B0A5F8D1D3CF2
ZIF3AX69uO1XUraDsHZ5Jo7HisG3siycJbgzlCK4rTByBXN/DhhLLWwfbKTY6CUv
hkhLdWZ0EiIEZXYEFIBsS7BPXXwndjENCYfajZxTs6NoEdTkuu3lIuA7prebzIGu
I0ih+VPGk/Ik/1lAKksLT+dLBp5NFcmXLBFfGvbH7VfeFHCqLR/82Or2xx3gG1cG
hsKCUDKafd5TAG62h24SgBDLgyibcNvR+0m94OAR+WIKSF5nv0qMNaAMXYsNiAZe
+22YEShgLX6AGq3LBG6I+oUZIXna8NS6TBTI5ypcfJycCbttYT9CP5TegF5vE1k3
Qnzagukdszggxs/Bj7bi8T1MCHjw2hBhnmHGXmAj33WdHljr7MPfzj8J5ziDY7vu
qtvgqSj2ZX60+c/7DiOuQEsoyarufvdelPcOy6o70olGrmjVaoz7QRJVukh+krTA
9Ma8jPvHJu9VWOh4M/eEgDFfpb39ynfZnGDGNwCLOynKItv48rWbLzoy0nl+RE28
bwyXANnEUq5jKtU0ltwogQygsLcDR31u/rWwHSATJpyDccbjRwtbvpMuesALQlFA
DBDBSpmSP29tvNo7ZSKX/opLhNDp0L0jNTv+a3DKXTuonbtJxbill/Zc15hrURIW
HDmsyddXPMqZRNXIXfa1vCHJPAaSk07BmnbZEy3lQPkR7K7o7Xh9qJ73E2aecGlO
7PUiFMD2HdQKtWEEgPTsGotbsPjitpHiLz7FGvRicu3R9BY8xywH152CXZD2z4zF
mIMnQLWd4mHNkJbXfXDv6oR3uaR5eBd/8VMx1kGDtpNGDJuNcSjgyA==
-----END RSA PRIVATE KEY-----
[root@inasa /root]# mv /tmp/private.key /tmp/private.key.pem
[root@inasa /root]# /usr/local/bin/openssl req -new -days 365 -key /tmp/private.key.pem -out /tmp/csr.pem
Enter pass phrase for /tmp/private.key.pem:
unable to load Private Key
17224:error:06065064:digital envelope routines:EVP_DecryptFinal:bad decrypt:evp_enc.c:450:
17224:error:0906A065:PEM routines:PEM_do_header:bad decrypt:pem_lib.c:423:
[root@inasa /root]# /usr/local/bin/openssl req -new -days 365 -key /tmp/private.key.pem -out /tmp/csr.pem
Enter pass phrase for /tmp/private.key.pem:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:JP
State or Province Name (full name) [Some-State]:chiba
Locality Name (eg, city) []:chiba
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Kailas
Organizational Unit Name (eg, section) []:
Common Name (eg, YOUR name) []:asagiri.dyndns.biz
Email Address []:xxxx@asagiri.dyndns.biz
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
[root@inasa /root]# /usr/local/bin/openssl x509 -in /tmp/csr.pem -out /tmp/cert.pem -req -signkey /tmp/private.key.pem -d
ays 365
Signature ok
subject=/C=JP/ST=chiba/L=chiba/O=IBM/CN=asagiri.dyndns.biz/emailAddress=xxxx@asagiri.dyndns.biz
Getting Private key
Enter pass phrase for /tmp/private.key.pem:
----
[1][[OpenSSL:http://bitarts.jp/tech/linux/openssl.html]]
