ssl配置
创建私钥
openssl genrsa -out ./privatekey 2048
导出根机构证书
openssl req -new -x509 -key privatekey -out root.cer -days 365 -subj /CN=sudytech.com
创建证书库
keytool -genkeypair -v -alias myssl -keyalg RSA -sigalg SHA1withRSA -keysize 1024 -keystore ./keystore -validity 330 -dname "CN=sudy.f3322.org,OU=Sudytech,O=Group,L=NanJing,ST=JiangSu,C=CN"
导出证书
keytool -certreq -v -alias myssl -file ./tomcat.cer -keystore ./keystore
使用机构证书签名证书
openssl ca -keyfile ./privatekey -cert ./root.cer -in ./tomcat.cer -out ./tomcatsigned.cer -days 300 -policy policy_anything
导入根证书
keytool -importcert -alias RootCA -file ./root.cer -keystore ./keystore
导入已经签名证书
keytool -importcert -alias myssl -file ./tomcatsigned.cer -keystore ./keystore
查看证书
keytool -list -keystore ./keystore