OPENSSL
server1 | 10.10.10.1 |
---|---|
server2 | 10.10.10.2 |
server1
[root@localhosot server1]# cd /etc/pki/CA
certs crl newcerts pricvate
[root@localhosot CA]# touch index.txt
[root@localhosot CA]#echo 01 > serial
[root@localhosot CA]#(umask 077; openssl genrsa -out /etc/pki/private/cakey.pem 2048)
Generating RSA private key ,2048 bit long modulus
.......+++
...................................+++
e is 65507 (0x10001)
[root@localhosot CA]#cd /etc/pki
[root@localhosot CA]#ls
CA ca-trust java nssdb rpm-gpg rsyrlog tls
[root@localhosot CA]#ls private/
cakey.pem
- 生成秘钥
#(umask