执行ntp-keygen -c RSA-SHA256 -m 2048 -pserver_password-T -H -l3650命令,生成密钥文件。
其中,server_password为生成证书时使用的密钥加密口令;3650为代表证书有效天数的可变参数。
执行结果如下:
C:\Users\xxx>D:
D:\>cd ntp_config
D:\ntp_config>ntp-keygen -c RSA-SHA256 -m 2048 -p server_password -T -H -l 3650
Unable to initialize .rnd file
Using OpenSSL version OpenSSL 1.0.2k 26 Jan 2017
Using host ctuy5y002941131 group ctuy5y002941131
Generating RSA keys (2048 bits)...
RSA 3 1 2
Generating new host file and link
ntpkey_host_ctuy5y002941131->ntpkey_RSAhost_ctuy5y002941131.3707467127
Using host key as sign key
Generating new certificate ctuy5y002941131 RSA-SHA256
X509v3 Basic Constraints: critical,CA:TRUE
X509v3 Key Usage: digitalSignature,keyCertSign
X509v3 Extended Key Usage: trustRoot
Generating new cert file and link
ntpkey_cert_ctuy5y002941131->ntpkey_RSA-SHA256cert_ctuy5y002941131.3707467127