Differences

This shows you the differences between two versions of the page.

--- wiki:os:debian:sslcert [2012/11/09 14:35]
root vytvořeno
+++ wiki:os:debian:sslcert [2014/12/26 18:31] (current)
@@ Line 1: / Line 1: @@
+====== Generování SSL certifikátů ======
 ===== CERTIFIKACNI AUTORITA =====
 >openssl req -config ./openssl.cnf -newkey rsa:2048 -nodes -keyform PEM -keyout cakey.pem -x509 -days 3650 -extensions certauth -outform PEM -out cacert.pem
@@ Line 26: / Line 28: @@
 **klientsky certifikat s heslem ve formatu pkcs12**
 >openssl pkcs12 -export -in client/client_test.pem -inkey client/client_test.key -out client/client_test.p12
+<file - openssl.cnf>
+[ req ]
+default_md = sha1
+distinguished_name = req_distinguished_name
+[ req_distinguished_name ]
+countryName 			= Zkratka Zeme (2 znaky)
+countryName_default 		= CZ
+stateOrProvinceName 		= Zeme (cele jmeno)
+stateOrProvinceName_default 	= Czech Republic
+countryName_min 		= 2
+countryName_max 		= 2
+localityName 			= Mesto
+localityName_default 		= Mlada Boleslav
+organizationName 		= Firma
+organizationName_default 	= Nazev Firmy
+emailAddress			= admin@domain.cz
+commonName 			= Smart CA
+commonName_max 			= 64
+default_days   			= 3650
+default_crl_days		= 30
+[ certauth ]
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid:always,issuer:always
+basicConstraints = CA:true
+crlDistributionPoints = @crl
+[ server ]
+basicConstraints = CA:FALSE
+keyUsage = digitalSignature, keyEncipherment, dataEncipherment
+extendedKeyUsage = serverAuth
+nsCertType = server
+crlDistributionPoints = @crl
+[ client ]
+basicConstraints = CA:FALSE
+keyUsage = digitalSignature, keyEncipherment, dataEncipherment
+extendedKeyUsage = clientAuth
+nsCertType = client
+crlDistributionPoints = @crl
+[ crl ]
+URI=http://testca.local/ca.crl
+</file>

wiki.lkaplan.cz

User Tools

Site Tools

Differences

Page Tools