Tạo website certificate bằng openssl

Download và cài đặt openssl:

https://slproweb.com/download/Win64OpenSSL-1_1_1d.exe

Tạo root CA certificate:

openssl genrsa -out rootCA.key 4096
openssl req -new -x509 -key rootCA.key -out rootCA.crt -days 365000 -sha512

Tạo website certificate:

openssl genrsa -out hoshizora.key 4096
openssl req -new -key hoshizora.key -out hoshizora.csr
openssl x509 -req -in hoshizora.csr -CA rootCA.crt -CAkey rootCA.key -CAcreateserial -out hoshizora.crt -days 730 -sha512 -extfile hoshizora.ext

Nội dung file hoshizora.ext:

subjectAltName = @alt_names

[alt_names]
DNS.1 = hoshizora.com
DNS.2 = *.hoshizora.com
IP.1 = 127.0.0.1

Tạo self signed certificate:

openssl req -x509 -newkey rsa:4096 -keyout localhost.key -out localhost.crt -nodes -days 365 -subj "/CN=localhost" -addext "subjectAltName = DNS:localhost"

Leave a Reply