User Tools
пакет_openssl
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
пакет_openssl [2024/08/22 08:13] val [Интерактивное подключение по ssl] |
пакет_openssl [2025/07/27 16:29] (current) val [Создание сертификата] |
||
|---|---|---|---|
| Line 19: | Line 19: | ||
| <code> | <code> | ||
| $ openssl s_client -connect ru.wikipedia.org:443 | $ openssl s_client -connect ru.wikipedia.org:443 | ||
| - | |||
| - | $ openssl s_client -showcerts -connect webinar6.bmstu.ru:443 2>/dev/null | openssl x509 -noout -dates #-text | grep bmstu | ||
| $ faketime -f "+500d" wget -q -O /dev/null https://webinar7.bmstu.ru && echo Ok || echo Err | $ faketime -f "+500d" wget -q -O /dev/null https://webinar7.bmstu.ru && echo Ok || echo Err | ||
| Line 106: | Line 104: | ||
| openssl genrsa -out wild.key 2048 | openssl genrsa -out wild.key 2048 | ||
| openssl req -new -x509 -days 3650 -key wild.key -out wild.crt -subj '/CN=*.corpX.un/O=CKO/C=RU' -addext 'subjectAltName=DNS:*.corpX.un' | openssl req -new -x509 -days 3650 -key wild.key -out wild.crt -subj '/CN=*.corpX.un/O=CKO/C=RU' -addext 'subjectAltName=DNS:*.corpX.un' | ||
| + | |||
| + | |||
| </code> | </code> | ||
| ==== Просмотр содержимого файла сертификата ==== | ==== Просмотр содержимого файла сертификата ==== | ||
| Line 262: | Line 262: | ||
| ==== Инициализация списка отозванных сертификатов ==== | ==== Инициализация списка отозванных сертификатов ==== | ||
| <code> | <code> | ||
| - | lan# openssl ca -gencrl -out /var/www/html/ca.crl | + | lan# openssl ca -gencrl -crldays 365 -out /var/www/html/ca.crl |
| </code><code> | </code><code> | ||
| Enter pass phrase for ./CA/ca.key:Pa$$w0rd | Enter pass phrase for ./CA/ca.key:Pa$$w0rd | ||
| Line 415: | Line 415: | ||
| lan# less CA/index.txt | lan# less CA/index.txt | ||
| - | lan# openssl ca -gencrl -out /var/www/html/ca.crl | + | lan# openssl ca -gencrl -crldays 365 -out /var/www/html/ca.crl |
| lan# openssl crl -text -noout -in /var/www/html/ca.crl | less | lan# openssl crl -text -noout -in /var/www/html/ca.crl | less | ||
пакет_openssl.1724303626.txt.gz · Last modified: 2024/08/22 08:13 by val
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
