[root@centos7 ~]# cd /etc/pki/tls/certs
[root@centos7 certs]# make vsftpd.pem
umask 77 ; \
PEM1=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
PEM2=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
/usr/bin/openssl req -utf8 -newkey rsa:2048 -keyout $PEM1 -nodes -x509 -days 365 -out $PEM2 -set_serial 0 ; \
cat $PEM1 > vsftpd.pem ; \
echo "" >> vsftpd.pem ; \
cat $PEM2 >> vsftpd.pem ; \
rm -f $PEM1 $PEM2
Generating a 2048 bit RSA privatekey
.........................................+++
.......................................................+++
writing newprivatekeyto'/tmp/openssl.7gPwj6'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:beijing
Locality Name (eg, city) [Default City]:haidian
Organization Name (eg, company) [Default Company Ltd]:haiyun.com
Organizational Unit Name (eg, section) []:opt
Common Name (eg, your name or your server's hostname) []:www.ihaiyun.cc
Email Address []:
[root@centos7 certs]# openssl x509 -in vsftpd.pem -noout -text # 查看证书
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 0 (0x0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=CN, ST=beijing, L=haidian, O=haiyun.com, OU=opt, CN=www.ihaiyun.cc
Validity
Not Before: Oct 1307:10:132017 GMT
Not After : Oct 1307:10:132018 GMT
Subject: C=CN, ST=beijing, L=haidian, O=haiyun.com, OU=opt, CN=www.ihaiyun.cc
Subject PublicKey Info:
PublicKey Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:d3:7d:40:95:ed:7b:c1:a2:ed:88:6e:bd:0c:c6:
7d:24:d1:5e:b3:f1:d5:9a:ef:6b:83:95:89:13:64:
7b:91:12:60:c9:cd:32:ed:2c:fe:48:48:9f:bb:d7:
b3:48:5f:b4:5a:1e:74:d1:d1:71:37:e6:7b:9c:bc:
df:ce:a4:64:f4:8e:bd:23:0e:13:5d:54:a3:94:90:
6c:6f:34:bb:b3:8a:ab:57:f0:95:d0:95:18:1d:24:
20:cb:fd:4f:57:9a:62:c6:7c:0e:78:10:3a:9c:56:
46:3a:3f:b8:6a:88:d5:c6:43:88:a2:8b:5d:96:d6:
a3:7e:8f:47:bb:d5:95:3d:6a:4f:1c:f7:a6:a4:2d:
65:7e:c6:23:fd:b4:e5:a8:a5:1a:e4:0f:2c:27:d5:
bc:b0:2e:51:50:8e:8f:cf:b9:ea:e6:4c:5c:24:05:
d1:76:68:32:3e:23:38:02:81:9d:a2:40:c8:ca:91:
b9:ee:4b:e5:bb:75:06:09:7f:9b:47:6e:c3:3f:e1:
b4:48:ad:39:c8:7d:ab:a0:61:1c:bb:c5:ba:f5:e2:
9c:3e:e4:34:d0:7e:f8:8c:51:0d:e8:0c:c4:66:6f:
3a:44:a9:e2:56:be:1e:26:f3:d5:18:0a:86:4e:22:
bd:ac:a6:12:25:b6:56:7c:fb:9b:25:02:01:17:e4:
a7:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:F2:61:FD:CD:29:64:49:18:14:7B:E5:DF:A5:DC:CC:69:1C:44:C4
X509v3 Authority Key Identifier:
keyid:48:F2:61:FD:CD:29:64:49:18:14:7B:E5:DF:A5:DC:CC:69:1C:44:C4
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
08:a0:5d:34:eb:05:f8:75:f2:15:5e:38:0b:cf:1d:86:7d:8e:
cb:f9:b5:7e:b3:15:1b:b5:b2:4b:e4:d8:64:09:c4:71:9b:17:
67:12:7d:24:6b:af:cb:22:6b:08:6f:e9:af:35:5e:54:5f:43:
38:57:3c:8c:c5:ac:28:43:cf:6c:9b:1e:46:28:e3:6a:05:f3:
70:0e:d1:26:2e:44:2c:4b:c6:26:70:82:a3:97:f6:fc:ea:1d:
76:19:f7:96:3d:76:9a:95:19:5b:14:7f:4f:e0:87:18:df:cb:
79:20:b4:f2:f7:e1:b9:aa:ae:3b:0d:b2:98:e4:76:ee:35:77:
f3:e4:03:7c:77:47:47:e4:78:6b:1a:45:04:1a:37:ca:f5:58:
e3:a5:8e:07:31:0d:2c:cc:79:d5:00:1c:85:a5:00:8f:f1:fa:
20:bb:4e:1e:a0:3a:64:55:d4:76:04:75:85:6d:de:24:bb:54:
56:bb:62:3d:1b:49:90:36:af:09:3d:df:56:28:e7:c8:f5:e6:
ee:ca:0f:43:00:c7:1a:f3:d4:56:24:5e:da:73:73:0c:ed:6b:
d8:82:47:3e:6c:5d:3c:23:03:e4:8d:43:31:e9:c4:c5:df:90:
79:c3:c9:fb:cd:44:45:8d:27:a7:e6:30:a8:a8:3f:bb:f1:a2:
ae:c1:f5:a4