简要记录一下SSL服务器配置和客户端配置的步骤,不清楚的请查阅链接:
配置SSL服务器的步骤:
1. Create the SSL server PSEs. 创建server PSE
2. Generate a certificate request for each SSL server PSE. 生成certtificate request
3. Send the certificate requests to a CA to be signed. 发送request给CA进行签名
4. Import the certificate request responses into the server's SSL server PSEs.将response导入到server PSE
5. Maintain the SSL server PSE's certificate list.导入SSL server PSE 的证书
配置SSL客户端的步骤:
- Create the standard SSL client PSE.创建client PSE
In this case, you specify the CN part of the Distinguished Name (default = system ID). You only create one PSE, which is then distributed to the rest of the application servers.
- Generate a certificate request for the standard SSL client PSE.生成certification request
Because the SSL client PSE is system-specific and not server-specific, you only need to create a single certificate request and import it once.
- Send the certificate request to a CA to be signed.发送request给CA进行签名
- Import the certificate request response into the server's standard SSL client PSE.将response导入到client PSE
- Maintain the standard SSL client PSE's certificate list导入SSL client PSE的证书