# make certificate TYPE=custom
这一步要生成你自己的 CA (如果你不知道,我也不能细说了,简单地 说就是认证中心),和用它来为你的服务器签署证书。 有很多东西要输入。
______________________________________________________________________
STEP 0: R选择算法,使用缺省的 RSA
______________________________________________________________________
STEP 1: 生成 ca.key,CA的私人密钥
______________________________________________________________________
STEP 2: Generating X.509 certificate signing request for CA [ca.csr]
You are about to be asked to enter information that will be incorporated
into your certificate request.
(为CA生成X.509的认证请求 ca.csr 要输入一些信息)
Country Name: cn 国家代码,两个字母
State or Provice name: fujain省份
Locality Name: xiamen城市名
Organization Name: home CA 组织名,随便写吧
Organization Unit Name: home CA
Common Name: home CA
Email Address: [email protected]我的Email
Certificate Validity: 4096 四千多天,够了吧
______________________________________________________________________
STEP 3: Generating X.509 certificate for CA signed by itself [ca.crt]
Certificate Version (1 or 3) [3]:1
______________________________________________________________________
STEP 4: Generating RSA private key for SERVER (1024 bit) [server.key]
(生成服务器的私人密钥,server.key)
______________________________________________________________________
STEP 5: Generating X.509 certificate signing request for SERVER [server.csr]
You are about to be asked to enter information that will be incorporated
into your certificate request.
(生成服务器的认证请求,server.csr 要输入一些信息,和STEP 2类似)
[注意:
Common Name是你的网站域名,如 www.mydomain.com
Certificate Validity不要太大,365就可以了]