1) 生成RSA私钥
openssl genrsa -des3 -out server.key 1024
2) 生成签名
openssl req -new -key server.key -out server.csr
3) 根据已生成的RSA私钥输出无加密的私钥
openssl rsa -in server.key -out server_nopass.key
4) 使用签名和私钥生成crt证书
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
server {
listen 80 default backlog=2048;
listen 443 ssl;
server_name wosign.com;
root /var/www/html;
ssl_certificate /usr/local/Tengine/sslcrt/ wosign.com.crt;
ssl_certificate_key /usr/local/Tengine/sslcrt/ wosign.com .Key;
}
https://www.cnblogs.com/piscesLoveCc/p/6120875.html
https://www.cnblogs.com/jingxiaoniu/p/6745254.html