Update ssl_ca.md

71301461 · 郜兴晔 · 00761708 · 71301461
Commit 71301461 authored 9 years ago by 郜兴晔
Show whitespace changes
Inline Side-by-side

Showing with 9 additions and 1 deletion

ssl_ca.md ssl_ca.md +9 -1

No files found.
--- a/ssl_ca.md
+++ b/ssl_ca.md
 #SSL_CA 安装
 - 生成私钥申请CA：
        参考http://docs.aliyun.com/?spm=5176.7189909.0.0.H2Ofhg#/pub/slb/faq/cert-faq
 - 登陆godaddy.com下载CA证书
 - 解压CA包： 
        unzip XXXX.zip
        ls 
        eae08d8596e983ce.crt    gd_bundle-g2-g1.crt
 - 验证CA证书(错误可忽略)： 
        openssl verify  gd_bundle-g2-g1.crt
        gd_bundle-g2-g1.crt: /C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certs.godaddy.com/repository//CN=Go Daddy Secure Certificate Authority - G2
        error 20 at 0 depth lookup:unable to get local issuer certificate
@@ -25,11 +28,13 @@
        eae08d8596e983ce.crt: OK
 - 转换CA证书格式：
        openssl x509 -in gd_bundle-g2-g1.crt -out  gengmei_gd.pem
        openssl x509 -in eae08d8596e983ce.crt -out  gengmei_cc.pem
        cat gengmei_cc.pem  gengmei_gd.pem  >  gengmei_ca.pem
 - 验证CA证书：
        openssl x509 -x509toreq -in  gengmei_ca.pem  -out gengmei.csr  -signkey gengmei.key
        Getting request Private Key
        Enter pass phrase for gengmei.key:
@@ -37,10 +42,12 @@
        Generating certificate request
 - 转换私钥证书格式（可选）：
        openssl rsa -in gengmei.key -text > gengmei_pri.pem
        Enter pass phrase for gengmei.key:
        ＃输入创建私钥的密码
        writing RSA key
- 在负载均衡SLB上创建证书
+- 在负载均衡SLB上创建证书：
        参考http://docs.aliyun.com/?spm=5176.7189909.0.0.H2Ofhg#/pub/slb/faq/cert-faq
\ No newline at end of file