文章目录
ssl:加密服务
https服务需要ssl模块,需要在配置文件中开启
- yum安装,配置文件在/etc/httpd/conf.modules.d/00-base.conf
- 源码安装,在httpd.conf中进行配置
LoadModule ssl_module modules/mod_ssl.so
取消注释
CA生成一对密钥
生成私钥
[root@localhost ~]# cd /etc/pki/CA/
[root@localhost CA]# (umask 077;openssl genrsa -out private/cakey.pem 2048)
Generating RSA private key, 2048 bit long modulus
..................+++
...........................................+++
e is 65537 (0x10001)
[root@localhost CA]# ls
certs crl newcerts private
[root@localhost CA]# ls private/
cakey.pem
必须有括号
提取公钥
[root@localhost CA]# openssl rsa -in private/cakey.pem -pubout
writing RSA key
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojA8YIory9qReLUI