![openssl 生成csr](https://i-blog.csdnimg.cn/blog_migrate/b826ffded7c4062f02553ceb6169086f.png)
openssl 生成csr
OpenSSL provides different features about security and certificates. Public and Private Key cryptography also supported by OpenSSL. Websites, Firewalls and other applications uses Certificates in order to encrypt their network traffic or authenticate each other. In this tutorial we will look how to create Certificate Signing Request.
OpenSSL提供有关安全性和证书的不同功能。 OpenSSL还支持公钥和私钥加密。 网站,防火墙和其他应用程序使用证书来加密其网络流量或相互认证。 在本教程中,我们将研究如何创建证书签名请求。
生成RSA密钥 (Generate RSA Key)
Now we assume we do not have any Public and Private Key pair. If we have Public and Private key pair please skip to the second step. RSA is very popular and efficient asymmetric encryption algorithm used by a lot of security mechanisms.We can also use RSA in X509 certificates. In this step we will create create an RSA Private key with PEM
format. This key size will be 2048
bit.
现在我们假设我们没有任何公钥和私钥对。 如果我们有公钥和私钥对,请跳至第二步。 RSA是非常流行且高效的非对称加密算法,被许多安全机制使用。我们也可以在X509证书中使用RSA。 在这一步中,我们将创建一个PEM
格式的RSA私钥。 密钥大小为2048
位。
$ openssl genrsa -out myprivate.pem 2048
![Generate RSA Key](https://i-blog.csdnimg.cn/blog_migrate/075fb700d51ef9914fb3c5257423ae33.png)
证书签名(Certificate Signing)
Certificate signing means an Authority or Certificate Authority have checked provided certificate and signed it with its private key. After that step the entities trust Certificate Authority will see and check the sign of the