1
2
3
4
5
|
[root@station125 tls]# (umask
077
; openssl genrsa -out
private
/cakey.pem
2048
)
Generating RSA
private
key,
2048
bit long modulus
..+++
...............+++
e
is
65537
(
0x10001
)
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
[root@station125 tls]# openssl rsa -
in
private
/cakey.pem -pubout -text -noout
Private-Key: (
2048
bit)
modulus:
00
:c3:
21
:a0:b1:
84
:
23
:d5:
02
:c8:3e:a8:
69
:1c:5d:
fb:
49
:d6:9a:
05
:6b:cd:
76
:
54
:4e:3b:5e:
52
:f0:a0:
0d:b2:da:4e:0e:3d:
36
:
07
:
64
:4b:
74
:
71
:
73
:
84
:df:
c6:9e:d7:
15
:
40
:
02
:
65
:f6:
59
:
08
:
36
:3d:f4:
29
:f4:
16
:
91
:e5:d0:eb:fc:c8:
04
:8c:
05
:2f:
38
:b9:2e:3e:
24
:
03
:bd:
40
:e7:
80
:8a:
82
:
19
:f9:
39
:5c:2c:
41
:7c:
3e:
10
:a1:e4:
51
:
03
:3b:b2:
81
:c3:d1:0f:
10
:b3:e0:
e0:6d:bf:a3:f6:bb:a2:c2:b1:b8:0c:ec:e7:1c:
49
:
de:6c:5d:e6:
88
:
98
:d1:e5:
32
:8a:e3:
08
:
32
:cb:f0:
45
:f2:fa:f9:
66
:2e:e8:
79
:a7:d6:bc:
95
:2d:d9:c1:
db:7e:
59
:7b:c7:
99
:
44
:9f:
15
:
63
:
97
:0b:f8:e7:
84
:
46
:2f:
67
:
51
:5e:3f:
50
:2b:6b:
62
:
37
:
76
:9f:b3:5f:
eb:8d:d7:c7:
94
:a9:e5:5d:4c:
62
:
08
:
81
:e4:3e:e0:
20
:e6:ee:
51
:
32
:2a:bf:ef:d7:
35
:e9:
72
:
21
:
03
:9c:
b5:5c:
11
:
83
:
77
:3f:a5:6b:
06
:
15
:
58
:
57
:6c:
74
:3e:
14
:db:
06
:
41
:5b:d3:
92
:
36
:f4:f4:6a:f1:a9:da:
86
:
e7:
39
:7e:2a:de:e5:fd:de:3e:ec:af:
22
:b9:ec:
16
:
c6:2b
|
1
2
|
[root@station125 tls]# touch index.txt serial crlnumber
[root@station125 tls]# echo
01
> serial
|
1
2
|
[root@station125 tls]# mkdir /etc/httpd/ssl
[root@station125 tls]# cd /etc/httpd/ssl/
|
1
2
3
4
5
|
[root@station125 ssl]# (umask
077
; openssl genrsa -out httpd.key
1024
)
Generating RSA
private
key,
1024
bit long modulus
..++++++
...............................++++++
e
is
65537
(
0x10001
)
|
1
|
[root@station125 tls]# openssl ca -
in
http.crs -out http.crt -days
3650
|
1
|
[root@station125 tls]# openssl ca -revoke httpd.crt
|