https://www.cnblogs.com/mlianga/p/17340879.html
[root@localhost ~]# systemctl status firewalld
○ firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
Active: inactive (dead)
Docs: man:firewalld(1)
查询 SElinux的状态
[root@localhost ~]# /usr/sbin/sestatus -v
SELinux status: disabled
[root@localhost ~]# getenforce
Disabled
查询swap状态
[root@localhost ~]# /usr/sbin/sestatus -v
SELinux status: disabled
[root@localhost ~]# getenforce
Disabled
[root@localhost ~]# cat /proc/swaps
Filename Type Size Used Priority
/dev/dm-1 partition 2125820 0 -2
[root@localhost ~]# swapon -s
Filename Type Size Used Priority
/dev/dm-1 partition 2125820 0 -2
[root@localhost ~]# vi /etc/hosts 发现没有啥
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
~
~
inet 192.168.244.134/
https://www.cnblogs.com/mlianga/p/17340879.html
https://www.cnblogs.com/mlianga/p/17340879.html
生成第二个证书
[root@localhost ~]# curl -L https://pkg.cfssl.org/R1.2/cfssljson_linux-amd64 -o /usr/local/bin/cfssljson
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 167 100 167 0 0 75 0 0:00:02 0:00:02 --:--:-- 75
0 0 0 0 0 0 0 0 --:--:-- 0:00:12 --:--:-- 0
curl: (92) HTTP/2 stream 1 was not closed cleanly before end of the underlying stream
生成第三个证书
[root@localhost ~]# curl -L https://pkg.cfssl.org/R1.2/cfssl-certinfo_linux-amd64 -o /usr/local/bin/cfssl-certinfo
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 167 100 167 0 0 116 0 0:00:01 0:00:01 --:--:-- 116
0 0 0 0 0 0 0 0 --:--:-- 0:00:02 --:--:-- 0
100 6440k 100 6440k 0 0 8041 0 0:13:40 0:13:40 --:--:-- 10657
[root@localhost local]# cd bin/
[root@localhost bin]# ls
cfssl cfssl-certinfo django-admin sqlformat
[root@localhost bin]# ls cfs* -a
cfssl cfssl-certinfo
[root@localhost bin]# ls cfs* -al
-rw-r--r-- 1 root root 1740800 8月 16 13:36 cfssl
-rw-r--r-- 1 root root 6595195 8月 16 13:59 cfssl-certinfo
[root@localhost bin]# chmod +x cfs*
[root@localhost bin]# ls cfs* -al
-rwxr-xr-x 1 root root 1740800 8月 16 13:36 cfssl
-rwxr-xr-x 1 root root 6595195 8月 16 13:59 cfssl-certinfo
[root@localhost bin]#
发现有问题
重新生成第二个证书
[root@localhost /]# curl -L https://pkg.cfssl.org/R1.2/cfssljson_linux-amd64 -o /usr/local/bin/cfssljson
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 167 100 167 0 0 103 0 0:00:01 0:00:01 --:--:-- 103
0 0 0 0 0 0 0 0 --:--:-- 0:00:02 --:--:-- 0
100 2224k 100 2224k 0 0 7948 0 0:04:46 0:04:46 --:--:-- 9381
此时有三个证书
[root@localhost bin]# chmod +x cfssljson
[root@localhost bin]# ls cfssl* -al
-rwxr-xr-x 1 root root 1740800 8月 16 13:36 cfssl
-rwxr-xr-x 1 root root 6595195 8月 16 13:59 cfssl-certinfo
-rwxr-xr-x 1 root root 2277873 8月 16 14:18 cfssljson
[root@localhost bin]#
创建证书签名的过程
[root@localhost ssl]# ls
ca-config.json ca-csr.json
[root@localhost ssl]# vi ca-config.json
[root@localhost ssl]# vi ca-csr.json
[root@localhost ssl]# ls
ca-config.json ca-csr.json
[root@localhost ssl]# mv ca-config.json ca-config1.sh
[root@localhost ssl]# ls
ca-config1.sh ca-csr.json
[root@localhost ssl]# mv ca-csr.json ca-csr2.sh
[root@localhost ssl]# ls
ca-config1.sh ca-csr2.sh
[root@localhost ssl]# chmod +x ca-c*
[root@localhost ssl]# ls
ca-config1.sh ca-csr2.sh
[root@localhost ssl]# ./ca-config1.sh
[root@localhost ssl]# ls
ca-config1.sh ca-config.json ca-csr2.sh
[root@localhost ssl]# vi ca-config.json
[root@localhost ssl]# ./ca-csr2.sh
[root@localhost ssl]# ls
ca-config1.sh ca-config.json ca-csr2.sh ca-csr.json
[root@localhost ssl]# vi ca-csr.json
[root@localhost ssl]# ls
ca-config1.sh ca-config.json ca-csr2.sh ca-csr.json
[root@localhost ssl]#