前言
上文介绍了如何创建https证书并使谷歌信任该证书,本文介绍,通过上文生成的根证书来制作二级证书。
查看密钥库里面的内容
keytool -list -keystore ./https_demo1.keystore -v
生成证书
keytool -genkeypair -alias secoundCert -keyalg RSA -validity 36500 -storepass 111111 -keystore ./https_demo1.keystore -storetype PKCS12 -ext san=dns:localhost -v
生成证书请求文件
keytool -certreq -alias secoundCert -validity 36500 -file secoundCert.csr -storepass 111111 -keystore ./https_demo1.keystore
用根证书签名生成二级证书
keytool -gencert -alias https_demo1 -validity 36500 -infile secoundCert.csr -outfile secoundCert.cer -storepass 111111 -keystore ./https_demo1.keystore
导入证书
keytool -importcert -alias secoundCert -file secoundCert.cer -storepass 111111 -keystore ./https_demo1.keystore