Top / Installmemo / SSL
Installmemo/OpenSSL
http://www.secomtrust.net/service/ninsyo/neforwebsr/5_2.html
[root@inasa /root]# /usr/local/bin/openssl genrsa -des 1024 > /tmp/private.key
Generating RSA private key, 1024 bit long modulus
.....++++++ .........................................++++++ e is 65537 (0x10001) Enter pass phrase: Verifying - Enter pass phrase:
[root@inasa /root]# cat /tmp/private.key
-----BEGIN RSA PRIVATE KEY----- Proc-Type: 4,ENCRYPTED DEK-Info: DES-CBC,624B0A5F8D1D3CF2 ZIF3AX69uO1XUraDsHZ5Jo7HisG3siycJbgzlCK4rTByBXN/DhhLLWwfbKTY6CUv hkhLdWZ0EiIEZXYEFIBsS7BPXXwndjENCYfajZxTs6NoEdTkuu3lIuA7prebzIGu I0ih+VPGk/Ik/1lAKksLT+dLBp5NFcmXLBFfGvbH7VfeFHCqLR/82Or2xx3gG1cG hsKCUDKafd5TAG62h24SgBDLgyibcNvR+0m94OAR+WIKSF5nv0qMNaAMXYsNiAZe +22YEShgLX6AGq3LBG6I+oUZIXna8NS6TBTI5ypcfJycCbttYT9CP5TegF5vE1k3 Qnzagukdszggxs/Bj7bi8T1MCHjw2hBhnmHGXmAj33WdHljr7MPfzj8J5ziDY7vu qtvgqSj2ZX60+c/7DiOuQEsoyarufvdelPcOy6o70olGrmjVaoz7QRJVukh+krTA 9Ma8jPvHJu9VWOh4M/eEgDFfpb39ynfZnGDGNwCLOynKItv48rWbLzoy0nl+RE28 bwyXANnEUq5jKtU0ltwogQygsLcDR31u/rWwHSATJpyDccbjRwtbvpMuesALQlFA DBDBSpmSP29tvNo7ZSKX/opLhNDp0L0jNTv+a3DKXTuonbtJxbill/Zc15hrURIW HDmsyddXPMqZRNXIXfa1vCHJPAaSk07BmnbZEy3lQPkR7K7o7Xh9qJ73E2aecGlO 7PUiFMD2HdQKtWEEgPTsGotbsPjitpHiLz7FGvRicu3R9BY8xywH152CXZD2z4zF mIMnQLWd4mHNkJbXfXDv6oR3uaR5eBd/8VMx1kGDtpNGDJuNcSjgyA== -----END RSA PRIVATE KEY-----
[root@inasa /root]# mv /tmp/private.key /tmp/private.key.pem
[root@inasa /root]# /usr/local/bin/openssl req -new -days 365 -key /tmp/private.key.pem -out /tmp/csr.pem
Enter pass phrase for /tmp/private.key.pem: unable to load Private Key 17224:error:06065064:digital envelope routines:EVP_DecryptFinal:bad decrypt:evp_enc.c:450: 17224:error:0906A065:PEM routines:PEM_do_header:bad decrypt:pem_lib.c:423:
[root@inasa /root]# /usr/local/bin/openssl req -new -days 365 -key /tmp/private.key.pem -out /tmp/csr.pem
Enter pass phrase for /tmp/private.key.pem: You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]:JP State or Province Name (full name) [Some-State]:chiba Locality Name (eg, city) []:chiba Organization Name (eg, company) [Internet Widgits Pty Ltd]:Kailas Organizational Unit Name (eg, section) []: Common Name (eg, YOUR name) []:asagiri.dyndns.biz Email Address []:xxxx@asagiri.dyndns.biz Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []:
[root@inasa /root]# /usr/local/bin/openssl x509 -in /tmp/csr.pem -out /tmp/cert.pem -req -signkey /tmp/private.key.pem -d
ays 365
Signature ok
subject=/C=JP/ST=chiba/L=chiba/O=IBM/CN=asagiri.dyndns.biz/emailAddress=xxxx@asagiri.dyndns.biz
Getting Private key
Enter pass phrase for /tmp/private.key.pem:
[1]OpenSSL