快速创建自签名ssl证书

运行环境为Linux,且已安装openssl组件。若为Windows环境,请相应修改前3行代码即可。

mkdir -p ~/myssl
cd ~/myssl

cat <<EOF >self.cnf
[ req ]
distinguished_name = req_distinguished_name
[ req_distinguished_name ]
[ v3_req ]
subjectAltName = @alt_names
[ alt_names ]
DNS.1 = example.org
DNS.2 = *.example.org
EOF

SUBJECT="/C=CN"
SUBJECT="SUBJECT/ST=Beijing"
SUBJECT="SUBJECT/L=Beijing"
SUBJECT="SUBJECT/O=ExampleOrg"
SUBJECT="SUBJECT/OU=Devops"
SUBJECT="SUBJECT/CN=example.org"
SUBJECT="SUBJECT/emailAddress=ops@example.org"

openssl req -newkey rsa:4096 -x509 -nodes -days 3650 -extensions v3_req \
    -config self.cnf -keyout server.key -out server.crt -subj "$SUBJECT"

发表评论

您的电子邮箱地址不会被公开。 必填项已用*标注