作业一

最新推荐文章于 2021-12-11 08:08:55 发布
最新推荐文章于 2021-12-11 08:08:55 发布
阅读量206 收藏
点赞数
分类专栏: 作业 文章标签: linux
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/kingdom_xu/article/details/108425011
版权

1、在 CentOS7 中使用 gpg 创建 RSA 非对称密钥对

[root@centos7 ~]# gpg --gen-key
gpg (GnuPG) 2.0.22; Copyright (C) 2013 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

gpg: directory `/root/.gnupg' created
gpg: new configuration file `/root/.gnupg/gpg.conf' created
gpg: WARNING: options in `/root/.gnupg/gpg.conf' are not yet active during this run
gpg: keyring `/root/.gnupg/secring.gpg' created
gpg: keyring `/root/.gnupg/pubring.gpg' created
Please select what kind of key you want:
   (1) RSA and RSA (default)
   (2) DSA and Elgamal
   (3) DSA (sign only)
   (4) RSA (sign only)
Your selection? 1
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 1024
Requested keysize is 1024 bits
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0) 
Key does not expire at all
Is this correct? (y/N) y

GnuPG needs to construct a user ID to identify your key.

Real name: centos7.key
Email address: 
Comment: 
You selected this USER-ID:
    "centos7.key"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O


[root@centos7 ~]# gpg --list-keys
/root/.gnupg/pubring.gpg
------------------------
pub   1024R/31F33761 2020-09-04
uid                  centos7.key
sub   1024R/E856ACD5 2020-09-04

2、将 CentOS7 导出的公钥,拷贝到 CentOS8 中,在 CentOS8 中使用 CentOS7 的公钥加密一个文件

[root@centos7 ~]# gpg --list-keys
/root/.gnupg/pubring.gpg
------------------------
pub   1024R/31F33761 2020-09-04
uid                  centos7.key
sub   1024R/E856ACD5 2020-09-04

[root@centos7 ~]# gpg -a --export -o centos7.pubkey
[root@centos7 ~]# ls
anaconda-ks.cfg  centos7.pubkey
[root@centos7 ~]# cat centos7.pubkey 
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2.0.22 (GNU/Linux)

mI0EX1IylAEEAMRFpZuQ/yrTyfzbmAdqdwTv2b1dnYU0NOQaDGzEZFtGLMujuMeW
WmpCZKgqfEsuxl/Z23L4YJCagziEgMrQ0D+kDXFoTURYxPzqINSJNPuAhJ2O47kd
gxMAu/qwoKCR/KjlzCsLLP6HVFtOfrjXaKQyYEeEdlP7fs4NQ54/yh1nABEBAAG0
DmNlbnRvczcucHVia2V5iLkEEwECACMFAl9SMpQCGwMHCwkIBwMCAQYVCAIJCgsE
FgIDAQIeAQIXgAAKCRBsQW51MfM3YXXyBACTrW15AZCfEfWaqT+BROZYiZ4SUvgj
KnQCKC1mX6KXV5DP0sod9PJBz1ym7eHaBCzozn51z/AhZVWjDP/3vMSm6UFQZOzU
B/gjyTVoKFM4XFEP8iNZG3wjk1OnnZTR2QLQcf8E/xnP9d4Xu+QpjjGiNG8ZXviL
Mt4a03k4CkbjO7iNBF9SMpQBBADPZ1c6pNknpyFzoA4+BJEbqcvf+HrjiGOPKxhC
I9faCiD4R2CJ5nUuFMM+/i2RODFs+X21YMRllsBLuuu0yIOXbcZX1v1sbRIBI9Iw
mHTGmCltl7NuPNj6vITO6drFfM201/Kxq2GO4YPWv76V8TuBCyNrLLp8/qiLXXkB
r/DTcwARAQABiJ8EGAECAAkFAl9SMpQCGwwACgkQbEFudTHzN2H0tQP/VBSC6Zw/
sTi3BhmoDLccYKZJwXk3UnqvQUBnkb3j00u2E37dpeAx0FbEj+V6QQN9IgUNla2I
yQJV9gFc6Ot0pdHodHt995YbKhTW/lqo4MCWN80wQhQlpAGtoAjp7FHjZp+C5YJQ
1dvAh54qJU5gN0Ncz7lHm7xDOlQZxLGwqCs=
=OYAR
-----END PGP PUBLIC KEY BLOCK-----

[root@centos7 ~]# scp centos7.pubkey 10.0.0.8:/root
The authenticity of host '10.0.0.8 (10.0.0.8)' can't be established.
ECDSA key fingerprint is SHA256:r4COfaGRW6a9yYrF2tQRnKeZbPJj1UKfJyBBfliBJPw.
ECDSA key fingerprint is MD5:d5:15:30:7a:f6:d9:d6:4b:4d:e0:28:13:9b:ce:4f:ac.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.0.0.8' (ECDSA) to the list of known hosts.
root@10.0.0.8's password: 
centos7.pubkey                               100%  996   312.5KB/s   00:00

3、回到 CentOS7 服务器,远程拷贝 file.txt.gpg 文件到本地,使用 CentOS7的私钥解密文件

[root@centos8 ~]#gpg --gen-key
gpg (GnuPG) 2.2.9; Copyright (C) 2018 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

gpg: directory '/root/.gnupg' created
gpg: keybox '/root/.gnupg/pubring.kbx' created
Note: Use "gpg --full-generate-key" for a full featured key generation dialog.

GnuPG needs to construct a user ID to identify your key.

Real name: centos8.key
Email address: 
You selected this USER-ID:
    "centos8.key"

Change (N)ame, (E)mail, or (O)kay/(Q)uit? O
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: /root/.gnupg/trustdb.gpg: trustdb created
gpg: key F5DD935F5056807E marked as ultimately trusted
gpg: directory '/root/.gnupg/openpgp-revocs.d' created
gpg: revocation certificate stored as '/root/.gnupg/openpgp-revocs.d/B7EE96B9780EE2850FE22393F5DD935F5056807E.rev'
public and secret key created and signed.

pub   rsa2048 2020-09-06 [SC] [expires: 2022-09-06]
      B7EE96B9780EE2850FE22393F5DD935F5056807E
uid                      centos8.key
sub   rsa2048 2020-09-06 [E] [expires: 2022-09-06]

[root@centos8 ~]#gpg --list-keys
gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: next trustdb check due at 2022-09-06
/root/.gnupg/pubring.kbx
------------------------
pub   rsa2048 2020-09-06 [SC] [expires: 2022-09-06]
      B7EE96B9780EE2850FE22393F5DD935F5056807E
uid           [ultimate] centos8.key
sub   rsa2048 2020-09-06 [E] [expires: 2022-09-06]

[root@centos8 ~]#gpg --import centos7.pubkey 
gpg: key 6C416E7531F33761: public key "centos7.pubkey" imported
gpg: Total number processed: 1
gpg:               imported: 1
[root@centos8 ~]#gpg --list-keys
/root/.gnupg/pubring.kbx
------------------------
pub   rsa2048 2020-09-06 [SC] [expires: 2022-09-06]
      B7EE96B9780EE2850FE22393F5DD935F5056807E
uid           [ultimate] centos8.key
sub   rsa2048 2020-09-06 [E] [expires: 2022-09-06]

pub   rsa1024 2020-09-04 [SC]
      BE061776CEC9C274EC2147496C416E7531F33761
uid           [ unknown] centos7.pubkey
sub   rsa1024 2020-09-04 [E]

[root@centos8 ~]#gpg -e -r centos7.pubkey file.txt
gpg: 6D9D79A9E856ACD5: There is no assurance this key belongs to the named user
sub  rsa1024/6D9D79A9E856ACD5 2020-09-04 centos7.pubkey
 Primary key fingerprint: BE06 1776 CEC9 C274 EC21  4749 6C41 6E75 31F3 3761
      Subkey fingerprint: AE35 94D0 172A 8AE9 F69F  607A 6D9D 79A9 E856 ACD5

It is NOT certain that the key belongs to the person named
in the user ID.  If you *really* know what you are doing,
you may answer the next question with yes.

Use this key anyway? (y/N) y
[root@centos8 ~]#cat file.txt
CentOS Linux release 8.0.1905 (Core) 
[root@centos8 ~]#cat file.txt.gpg |base64
hIwDbZ15qehWrNUBA/91ggIpGkRZLAfx58N9jhUjv3fnSYWSnpMRWL7rlft+gw4gRlqFVDG+4Tic
xLrCufPtReVZh+/A4Bn9THWDFWGyd6f3dw08xGLDMkrAQDEHRq1Lnp1lOS4vrKde6WqPYGTTv1EQ
H2UZKpNcytYM1yZnlCA6LRnl+UelQBk52bS4SNJpAYvHG60OAUvEUNiEQM+MMhCn0/gxONNj1HS1
7mCy00t6gyViwkxYyIYCUrmpg7FP7R+zTP+vNWjMhicm2gH4m1usP1G2CTstgKZCHYxU/+/jI33R
Cl1SJlD/nR5548sXY9SgsaDGdBQt

[root@centos8 ~]#scp file.txt.gpg 10.0.0.7:/root
root@10.0.0.7's password: 
file.txt.gpg                                 100%  249   113.9KB/s   00:00    

[root@centos7 ~]# gpg -d file.txt.gpg 
gpg: encrypted with 1024-bit RSA key, ID E856ACD5, created 2020-09-04
      "centos7.pubkey"
CentOS Linux release 8.0.1905 (Core) 
[root@centos7 ~]# gpg  -o file.txt -d file.txt.gpg
gpg: encrypted with 1024-bit RSA key, ID E856ACD5, created 2020-09-04
      "centos7.pubkey"
[root@centos7 ~]# ls
anaconda-ks.cfg  centos7.pubkey  file.txt  file.txt.gpg
[root@centos7 ~]# cat file.txt
CentOS Linux release 8.0.1905 (Core)

4、在 CentOS7 中使用 openssl 软件创建 CA

[root@centos7 ~]# touch /etc/pki/CA/index.txt
[root@centos7 ~]# echo 01 > /etc/pki/CA/serial
[root@centos7 ~]# cd /etc/pki/CA/
[root@centos7 CA]# (umask 066;openssl genrsa -out private/cakey.pem 2048)
Generating RSA private key, 2048 bit long modulus
.............+++
.................................................................+++
e is 65537 (0x10001)
[root@centos7 ~]# openssl req -new -x509 -key /etc/pki/CA/private/cakey.pem -out /etc/pki/CA/cacert.pem -days 3650
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:henan
Locality Name (eg, city) [Default City]:zhengzhou
Organization Name (eg, company) [Default Company Ltd]:magedu
Organizational Unit Name (eg, section) []:it
Common Name (eg, your name or your server's hostname) []:ca.kobe.com
Email Address []:
[root@centos7 ~]# openssl x509 -in /etc/pki/CA/cacert.pem -noout -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            85:2b:1d:53:5a:a2:97:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=CN, ST=henan, L=zhengzhou, O=magedu, OU=it, CN=ca.kobe.com
        Validity
            Not Before: Sep  4 13:16:42 2020 GMT
            Not After : Sep  2 13:16:42 2030 GMT
        Subject: C=CN, ST=henan, L=zhengzhou, O=magedu, OU=it, CN=ca.kobe.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:ca:31:c9:e0:cf:93:4a:be:d3:92:7a:12:08:61:
                    0d:2b:e3:a7:cb:b2:ae:a7:8b:9f:cf:94:3b:26:a8:
                    23:12:80:1b:a6:7c:64:85:5e:a1:63:b6:d9:e4:19:
                    6a:c9:5a:b5:ae:82:5e:d1:31:16:ea:11:61:8d:58:
                    26:b1:dd:28:6b:a8:da:9e:07:81:82:13:91:ba:3f:
                    55:e4:5c:53:73:f6:35:ed:f1:33:05:5d:10:a7:37:
                    6e:4f:70:bb:0a:39:72:95:7b:56:f0:09:64:45:11:
                    9e:c6:85:56:04:2c:45:ed:46:c2:ac:ac:ca:2c:02:
                    cc:dc:f1:47:a1:3d:6f:fb:08:c1:42:60:fa:d8:ae:
                    3b:99:be:08:2f:8c:eb:ef:40:b6:3e:9d:43:a0:82:
                    78:ba:f9:a8:fe:0f:46:07:fc:a0:48:ab:b8:ba:18:
                    64:a1:04:46:b7:a1:df:e0:82:68:ec:25:29:07:d1:
                    9e:69:68:eb:90:97:62:2c:13:ff:d6:14:e9:40:1d:
                    db:ba:2d:80:8e:48:25:a4:3f:23:46:19:6e:fb:75:
                    43:14:51:84:9f:2b:dd:ed:57:71:f9:03:d3:a8:d4:
                    a9:a8:eb:4e:e4:c1:36:ea:38:ab:53:b7:5a:ba:83:
                    c1:c9:ca:a1:1b:7c:d9:88:39:ff:6d:ac:5a:dc:a0:
                    45:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                7B:73:E7:67:E8:9F:84:48:66:41:40:5D:E9:D8:E9:4E:93:8E:4C:25
            X509v3 Authority Key Identifier: 
                keyid:7B:73:E7:67:E8:9F:84:48:66:41:40:5D:E9:D8:E9:4E:93:8E:4C:25

            X509v3 Basic Constraints: 
                CA:TRUE
    Signature Algorithm: sha256WithRSAEncryption
         85:7f:bb:3c:9a:1a:26:fa:d0:66:ac:e4:57:3a:70:f4:15:e5:
         b8:58:73:5f:98:30:64:4d:e9:3b:32:73:d9:8e:f7:78:25:49:
         4c:ef:d6:e1:7d:ba:08:b3:4a:d4:3f:f6:7f:71:30:ce:6a:44:
         54:ff:c4:71:4d:ff:ae:4a:ff:bb:7a:62:15:2b:b0:4c:79:9d:
         77:b2:a1:fa:9c:c2:b7:f6:ca:9a:b3:e5:e2:3a:66:89:6c:a5:
         15:fb:74:64:0c:e9:bc:b1:05:10:d9:40:56:20:b6:32:ba:a0:
         47:f7:37:d4:44:83:7a:f1:ae:fe:f2:6b:3a:33:67:7f:02:8a:
         d0:4d:40:dd:9a:9b:33:66:00:d7:9f:d7:25:29:78:f6:78:25:
         0d:cf:b0:86:95:5d:d0:56:f3:10:02:19:e0:eb:c0:c1:7f:a9:
         7b:91:c2:b9:00:15:fd:f8:a2:2e:db:57:5a:26:8f:46:69:85:
         03:26:4d:e5:cf:66:08:67:f3:e5:73:af:b1:ff:3d:1a:92:3c:
         8b:04:4a:97:d3:e3:f2:18:d1:e3:a8:72:8a:bf:1d:c3:a7:d1:
         f8:3f:ef:34:48:02:92:67:89:d4:d9:25:08:b4:20:37:01:ca:
         10:6d:fb:81:64:8b:81:df:ee:f8:c6:be:af:cb:12:fb:cb:7b:
         06:e1:9c:02

5、 在 CentOS7 中使用 openssl 软件创建一个证书申请请求文件,并使用上面的跟证书对其进行签署

[root@centos7 ~]# (umask 066;openssl genrsa -out /data/app.key 2048)
Generating RSA private key, 2048 bit long modulus
........+++
..........................+++
e is 65537 (0x10001)
[root@centos7 ~]# openssl req -new -key /data/app.key -out /data/app.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:henan
Locality Name (eg, city) [Default City]:luoyang
Organization Name (eg, company) [Default Company Ltd]:magedu
Organizational Unit Name (eg, section) []:ops
Common Name (eg, your name or your server's hostname) []:app.kobe.com
Email Address []:

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

[root@centos7 ~]# openssl ca -in /data/app.csr -out /etc/pki/CA/certs/app.crt -days 180
Using configuration from /etc/pki/tls/openssl.cnf
Check that the request matches the signature
Signature ok
Certificate Details:
        Serial Number: 1 (0x1)
        Validity
            Not Before: Sep  4 13:28:33 2020 GMT
            Not After : Mar  3 13:28:33 2021 GMT
        Subject:
            countryName               = CN
            stateOrProvinceName       = henan
            organizationName          = magedu
            organizationalUnitName    = ops
            commonName                = app.kobe.com
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
            Netscape Comment: 
                OpenSSL Generated Certificate
            X509v3 Subject Key Identifier: 
                25:9E:96:A4:23:12:B7:87:FE:F7:61:D4:DB:F2:5D:B3:CB:4C:2E:E4
            X509v3 Authority Key Identifier: 
                keyid:7B:73:E7:67:E8:9F:84:48:66:41:40:5D:E9:D8:E9:4E:93:8E:4C:25

Certificate is to be certified until Mar  3 13:28:33 2021 GMT (180 days)
Sign the certificate? [y/n]:y


1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated

[root@centos7 ~]# openssl x509 -in /etc/pki/CA/certs/app.crt -noout -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1 (0x1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=CN, ST=henan, L=zhengzhou, O=magedu, OU=it, CN=ca.kobe.com
        Validity
            Not Before: Sep  4 13:28:33 2020 GMT
            Not After : Mar  3 13:28:33 2021 GMT
        Subject: C=CN, ST=henan, O=magedu, OU=ops, CN=app.kobe.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:c3:22:c2:81:e3:fe:31:43:53:23:35:46:e0:cf:
                    f0:4e:07:a0:73:56:a6:30:4e:41:4b:a9:a4:ac:a8:
                    50:70:04:8a:bf:63:a0:39:05:52:f0:b1:2d:1d:a9:
                    2d:ac:31:c0:07:b1:03:20:4d:39:ce:5c:fe:70:35:
                    fe:fe:cd:82:e3:cb:60:aa:bd:47:fd:5b:5d:20:68:
                    eb:58:04:73:34:19:d7:07:38:99:81:97:4e:02:34:
                    98:27:8c:a0:51:47:aa:04:9f:6b:38:53:0f:ba:50:
                    fd:54:a2:00:43:50:47:78:d2:72:68:84:1d:7c:62:
                    91:bb:c5:d6:0b:0e:cc:6a:dd:83:d7:8d:4a:21:94:
                    4e:d2:77:c4:3f:63:71:80:30:8b:c3:df:0e:85:33:
                    b7:1b:fe:92:86:fa:f3:be:24:1e:98:d1:04:c7:37:
                    59:1f:e4:e9:ea:ce:aa:ea:fd:73:3d:73:33:9c:ee:
                    98:5c:d0:15:ac:3c:a3:53:26:1a:01:29:b2:56:bb:
                    30:c1:f1:45:de:50:08:67:a0:7b:b1:89:66:94:b7:
                    4c:c0:94:67:54:94:2e:3c:e7:32:dc:9f:0a:4e:bb:
                    3a:33:9a:c1:a3:43:72:6f:8f:d5:90:ce:38:9f:24:
                    57:00:cc:38:91:50:be:93:ea:98:37:6c:af:ec:88:
                    40:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
            Netscape Comment: 
                OpenSSL Generated Certificate
            X509v3 Subject Key Identifier: 
                25:9E:96:A4:23:12:B7:87:FE:F7:61:D4:DB:F2:5D:B3:CB:4C:2E:E4
            X509v3 Authority Key Identifier: 
                keyid:7B:73:E7:67:E8:9F:84:48:66:41:40:5D:E9:D8:E9:4E:93:8E:4C:25

    Signature Algorithm: sha256WithRSAEncryption
         87:9b:bf:79:1d:0b:c2:f3:ab:17:d4:d6:31:75:20:29:b3:a1:
         48:af:85:7c:df:ae:23:71:eb:17:01:91:14:cf:03:f1:bf:9f:
         37:de:b6:d1:41:64:27:ab:7a:7c:98:e6:73:84:eb:0e:65:e7:
         e8:e2:85:f6:06:d6:03:9b:59:6e:e0:1d:69:66:8a:88:9a:86:
         de:68:f3:b4:45:84:64:46:99:b9:0d:a5:96:c3:83:0f:67:c8:
         6b:b5:95:b5:2c:3f:2e:b9:20:8f:ba:c3:80:03:fc:bf:29:d6:
         4e:6c:78:d4:cf:cb:2d:02:25:29:bc:54:fe:4d:44:34:5d:01:
         7a:d2:be:f2:2b:07:55:d3:d5:41:ce:dc:19:40:83:2c:28:30:
         00:d1:b2:a3:b1:f0:ef:fc:fe:97:5f:9b:b4:69:a7:65:b6:70:
         73:2e:32:44:7a:14:ef:59:54:74:3b:92:6d:8d:f5:85:c9:37:
         74:d0:08:dc:16:12:c2:5a:f9:ce:a9:b5:9e:e5:59:d9:63:b1:
         62:a8:68:10:57:73:5c:92:58:66:0b:88:3d:a2:4d:b8:53:a6:
         d7:cd:bb:67:f0:c3:a7:aa:44:a9:fe:6f:67:5a:99:a7:0a:cb:
         da:fe:10:0a:93:6e:df:4b:5a:59:6c:04:7d:64:5a:9e:ae:62:
         3d:0e:20:40

6、吊销已经签署成功的证书

[root@centos7 ~]# openssl x509 -in /etc/pki/CA/certs/app.crt -noout -serial -subject
serial=01
subject= /C=CN/ST=henan/O=magedu/OU=ops/CN=app.kobe.com
[root@centos7 ~]# openssl ca -revoke  /etc/pki/CA/newcerts/01.pem 
Using configuration from /etc/pki/tls/openssl.cnf
Revoking Certificate 01.
Data Base Updated
[root@centos7 ~]# openssl ca -gencrl -out /etc/pki/CA/crl.pem
Using configuration from /etc/pki/tls/openssl.cnf
[root@centos7 ~]# openssl crl -in /etc/pki/CA/crl.pem -noout -text
Certificate Revocation List (CRL):
        Version 2 (0x1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: /C=CN/ST=henan/L=zhengzhou/O=magedu/OU=it/CN=ca.kobe.com
        Last Update: Sep  4 13:39:46 2020 GMT
        Next Update: Oct  4 13:39:46 2020 GMT
        CRL extensions:
            X509v3 CRL Number: 
                1
Revoked Certificates:
    Serial Number: 01
        Revocation Date: Sep  4 13:37:09 2020 GMT
    Signature Algorithm: sha256WithRSAEncryption
         ae:5c:46:28:ac:9e:6a:b9:ee:f8:dc:c3:87:7d:d4:b5:07:06:
         3b:cc:66:2a:33:98:fc:6a:50:3e:b1:d0:11:ae:a5:8a:79:c4:
         95:28:1e:92:a4:b2:85:62:5f:d5:9b:94:dd:6a:2e:5b:80:d6:
         77:70:23:02:13:66:c6:88:a4:27:f9:17:1b:d0:3f:93:60:36:
         05:ae:c1:5d:04:a4:49:b9:16:2c:bb:d1:3a:34:af:8a:30:e5:
         4e:9d:bb:e0:4f:94:f5:9a:01:ce:26:9e:fd:4f:94:54:c8:67:
         eb:2c:36:38:f3:64:64:1f:2c:7e:61:72:ab:7e:cb:b7:ea:f1:
         1b:b6:be:60:ae:3c:73:f9:66:82:9c:87:74:2a:12:9a:9e:16:
         d7:1f:07:39:d8:4c:7f:35:87:87:03:6f:e7:79:85:23:bb:74:
         15:8b:63:7b:53:4a:e8:88:36:57:08:10:ad:f8:2a:6d:20:5a:
         d3:e7:f9:cc:f0:8c:a2:bd:ca:7a:cf:28:95:78:0d:b0:ff:2a:
         a7:de:f0:50:d1:53:98:17:24:e8:e2:22:3a:9c:b0:42:09:64:
         81:94:11:56:76:16:1c:a0:e5:c4:cc:77:62:d5:1b:bd:47:dc:
         71:3a:d1:4b:db:7f:b6:9d:03:de:9d:f4:b4:df:03:53:33:fb:
         51:41:1c:44
[root@centos7 ~]# openssl ca -status 01
Using configuration from /etc/pki/tls/openssl.cnf
01=Revoked (R)
kingdom_xu
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
2022年土地利用规划之平时作业
千寻的博客
04-29 1746
一、单选题 基本农田的保护措施有( )。 选择一项: A. 规定占用基本农田的审批手续和权限 B. 建立基本农田登记、损失补偿、地力保养、环境保护及监督检查制度 C. 确立政府在基本农田保护中的责任,逐级签订责任书直到村委会 D. 以上三项都是 解析:基本农田保护规划的核心是对基本保护区内农田实行特殊保护。其保护措施有规定占用基本农田的审批手续和权限;建立基本农田登记、损失补偿、地力保养、环境保护及监督检查制度;确立政府在基本农田保护中的责任,逐级签订责任书直到村委会。 正确答案是:以上三项都是 要进行土
cs231n作业一 knn
qq_42186444的博客
08-28 3272
cs231——knn作业 cs231——knn作业cs231——knn作业1.基础概念1.1 self.X_train1.2 y_train1.3 X2.作业一——两层循环实现3作业二——实现knn投票机制4作业三——使用一层循环实现5作业四——不用循环6作业五--交叉验证 1.基础概念 1.1 self.X_train 这是训练集,是由n*d的二位向量组成,表示由n个样本,每一个样本有d个特征值,就是把图片拉直了 1.2 y_train 这是训练集的标识,由数值组成,是n*1组成的,范围在0-9之间
大学生网页设计课程大作业1
weixin_51509194的博客
12-16 1793
大学生网页设计课程大作业个人首页作业要求我的代码 个人首页 你好!第一次在博客发代码,若不足请指正! 作业要求 根据所学基本的html、css、js、jQuery等知识编写自己的网页 我的代码 <html> <head> <meta charset="UTF-8"> <title>我的-网页设计</title> <link rel="stylesheet" href="xxx.css"> <style type=
国家开放大学-农村社会学-形考作业1
duanyuwangyuyan的博客
12-11 4854
关于xxx村家庭情况的调查报告 一、调查目的 分析家庭功能在社会、经济发展中的作用,加深对家庭功能理论的理解,同时发挥家庭功能在农村社会、经济发展中的应有作用 二、调查地点与时间 地点:xxx自然村 时间:2021年12月10日 三、调查方法 根据自己的乡村生活以及调研村里邻居的方式 四、调查内容与结论 (1)家庭的涵义、特点 它是以婚姻关系为基础,以血缘关系为纽带, 成员间有着共同的利害和亲密关系的群体。 这些血缘关系和姻缘关系包括: 第一,夫妻关系; 第二,亲子关系; 第三,兄弟姐妹关系; 第四,婆媳关
GAMES101:作业1
qq_41765657的博客
12-04 3618
Games101: 作业1 光栅化 这里一定要注意顺序,先透视再正交;正交里面先平移再缩放;否则做出来会是一条直线!
作业1
热门推荐
fightingJAMES的博客
03-31 3万+
Private Sub Command1_Click() Dim s As String Dim s As LoadPictureColorConstants s = Label1.Caption Label1.Caption = Label2.Caption Label2.Caption = s a = Label1.ForeColor Label1.ForeColor = Lab
【记录贴】cs231n课程作业一遇到问题总结
Kaiyuan_sjtu的博客
06-02 7413
1. 在本地完成作业环境配置cs231n课程课后作业是要求在ipython中完成并提交的,所以选择anaconda来做比较合适。关于anaconda的安装与使用可自行百度,教程很多。选择好编译器之后就可以从官网上下载作业压缩包和数据集了。这里强调一下数据集的下载:点击打开链接,打开网址下拉选择VersionSizemd5sumCIFAR-10 python version163 MBc58f301...
python期末大作业_一个完整的python大作业
weixin_39790877的博客
11-21 4732
importrequestsimportrefrom bs4 importBeautifulSoupfrom datetime importdatetimeimportpandasimportsqlite3importjiebafrom wordcloud importWordCloudimportmatplotlib.pyplot as plturl= "http://www.xinhuanet...
机器学习大作业1
qq_44655971的博客
05-04 4742
晚上不想看编译原理了,就把吴恩达老师第一次的大作业看了一下。我是用Matlab写的(和C++比真的简单多了)。 还挺成功的,一次暴力一次梯度下降算出来的几乎相等 这个是for for暴力跑出来的 代码太丑就不放了 这是用梯度下降跑出来的,刚开始学习率太大调了一会 下面是自己写的代码 % % data = load('ex1data1.txt'); % read comma separated...
作业调度算法
SmallSweets的博客
03-11 7416
单道批处理系统中,有四个作业,到达时间和所需运行时间如下表所示,按照先来先服务(FCFS),短作业优先(SJF),最高响应比优先(HRN)算法计算各个进程的开始运行时间,完成时间,周转时间,带权周转时间和所有作业的平均周转时间,平均带权周转时间。 作业 到达时间/h 运行时间/h 开始时间 完成时间 周转时间 带权周转时间 平均周转时间 平均带权周转时间 1 8.0 2.0 2 8.6 0.6 3 8.8 0.2 4 9.0 0.5
21春北交《形势与政策》在线作业一参考答案.docx
10-23
21春北交《形势与政策》在线作业一参考答案.docx
东师21春《人体解剖生理学》在线作业1参考答案.docx
10-24
东师21春《人体解剖生理学》在线作业1参考答案.docx
20春东北师范大学《外国文学史》在线作业1答案参考.docx
10-22
20春东北师范大学《外国文学史》在线作业1答案参考.docx
作业--SHELL脚本编程练习答案(多版本)
kingdom_xu的博客
08-19 4952
练习: 1、编写脚本 systeminfo.sh,显示当前主机系统信息,包括:主机名,IPv4地址,操作系统版本,内核 版本,CPU型号,内存大小,硬盘大小 #!/bin/bash YELLOW='\e[1;33m' RED='\e[1;31m' END='\e[0m' echo -e "${YELLOW}++++++++++++++++++++++++++++++++++++++++++${END}" echo -e "${RED}HOSTNAME: `hostname`${END}" e
作业--MySQL数据库练习题
kingdom_xu的博客
09-26 2079
练习 导入hellodb.sql生成数据库 在students表中,查询年龄大于25岁,且为男性的同学的名字和年龄 以ClassID为分组依据,显示每组的平均年龄 显示第2题中平均年龄大于30的分组及平均年龄 显示以L开头的名字的同学的信息 显示TeacherID非空的同学的相关信息 以年龄排序后,显示年龄最大的前10位同学的信息 查询年龄大于等于20岁,小于等于25岁的同学的信息 以ClassID分组,显示每班的同学的人数 以Gender分组,显示其年龄之和 以Cl
作业--Linux范例练习题
kingdom_xu的博客
08-20 1478
1、显示/etc目录下所有以l开头,以一个小写字母结尾,且中间出现至少一位数字的文件或目录 ls -d /etc/|[[:digit:]][[:lower:]] 2、显示/etc目录下以任意一位数字开头,且以非数字结尾的文件或目录 ls -d /etc/[[:digit:]]*[1] 3、显示/etc/目录下以非字母开头,后面跟了一个字母及其它任意长度任意字符的文件或目录 ls -d /etc/[2][[:alpha:]]* 4、显示/etc/目录下所有以rc开头,并后面是0-6之间的数字,其它为任意字符的
作业
kingdom_xu的博客
10-18 975
文章目录1、如果主节点已经运行了一段时间,且有大量数据时,如何配置并启动slave节点(写出操作步骤)2、当master服务器宕机,提升一个slave成为新的master(写出操作步骤)3、通过 MHA 0.58 搭建一个数据库集群结构4、实战案例:Percona XtraDB Cluster(PXC 5.7)5、通过 ansible 部署二进制 mysql 8 1、如果主节点已经运行了一段时间,且有大量数据时,如何配置并启动slave节点(写出操作步骤) 2、当master服务器宕机,提升一个slave成
作业--用户组和权限管理练习
kingdom_xu的博客
08-20 753
1、创建用户gentoo,附加组为bin和root,默认shell为/bin/csh,注释信息为"Gentoo Distribution" useradd -G bin,root -s /bin/csh -c “Gentoo Distribution” gentoo 2、创建下面的用户、组和组成员关系 名字为webs 的组 用户nginx,使用webs 作为附加组 用户varnish,使用webs 作为附加组 用户mysql,不可交互登录系统,且不是webs 的成员,nginx,varnish,mysql密
fortran上机作业1
最新发布
09-30
Fortran是一种科学计算语言,经常用于高性能计算和科学工程领域。对于Fortran上机作业1,我们需要了解具体的题目内容才能给出详细解答。在这里,我将提供一些关于Fortran上机作业1的一般性指导。 通常,Fortran上机作业1会涉及到一些基本的程序编写和计算任务。以下是一些可能的题目类型: 1. 简单的数值计算:要求编写一个Fortran程序,实现基本的数学计算任务,如加法、减法、乘法和除法等。学生需要理解Fortran的基本语法和常用数学函数,并根据题目要求编写程序。 2. 循环结构:题目要求学生使用循环结构编写Fortran程序。这可能包括使用DO循环实现数列的计算、累加操作、求平均值等。学生需要熟悉循环结构的语法和用法,并且能够根据题目要求正确编写程序。 3. 条件语句:题目要求学生使用条件语句编写Fortran程序。例如,根据输入的数据,判断某个条件是否成立,并根据条件选择执行不同的操作。学生需要理解条件语句的语法和逻辑,并且能够正确编写满足要求的程序。 4. 输入和输出:题目要求学生编写带有输入和输出的Fortran程序。这可能包括从文件中读取数据、将计算结果写入文件、显示运算过程等。学生需要理解输入和输出操作的语法和用法,并能够正确处理数据的读取和输出。 无论具体的题目类型是什么,完成Fortran上机作业1的关键是理解题目要求,熟悉Fortran的语法和常用函数,并能够正确地将问题转化为程序。此外,良好的编程习惯和代码可读性也是非常重要的,包括合理的命名方式、适当的注释和代码缩进等。最后,测试程序的正确性也是不可忽视的一步,可以通过调试和对比预期结果来验证程序的正确性。

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值