RSA:
CA:1.openssl genrsa -out ca-key.pem 1024
2.openssl req -new -out ca-req.csr -key ca-key.pem -config openssl.cnf
3.openssl x509 -req -in ca-req.csr -out ca-cert.pem -signkey ca-key.pem -days 365
4.openssl pkcs12 -export -clcerts -in ca-cert.pem -inkey ca-key.pem -out ca.p12 -passout pass:123456
SERVER:1.openssl genrsa -out server-key.pem 1024
2.openssl req -new -out server-req.csr -key server-key.pem -config openssl.cnf
3.openssl x509 -req -in server-req.csr -out server-cert.pem -signkey server-key.pem -CA ../ca/ca-cert.pem -CAkey ../ca/ca-key.pem -CAcreateserial -days 365
4.openssl pkcs12 -export -clcerts -in server-cert.pem -inkey server-key.pem -out server.p12 -passout pass:123456
CLIENT:1.openssl genrsa -out client-key.pem 1024
2.openssl req -new -out client-req.csr -key client-key.pem -config openssl.cnf
3.openssl x509 -req -in client-req.csr -out client-cert.pem -signkey client-key.pem -CA ../ca/ca-cert.pem -CAkey ../ca/ca-key.pem -CAcreateserial -days 365
-sigalg SHA1withRSA
4.openssl pkcs12 -export -clcerts -in client-cert.pem -inkey client-key.pem -out client.p12 -passout pass:123456
//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
DSA:
CA:1.openssl dsaparam -out dsaparam 1024
2.openssl gendsa -out ca-key.pem dsaparam
////////////剩下的命令和生成rsa证书从第二部开始一样!!!!!!!!!!!!!!!
测试1:ca:DSA server:RSA client:RSA //执行通过
测试2:ca:DSA server:RSA client:DSA //执行通过
测试3:ca:DSA server:DSA client: RSA //执行通过
测试4:ca:DSA server:DSA client: DSA //执行通过
测试5:ca:RSA server:RSA client:RSA //执行通过
测试6:ca:RSA server:RSA client:DSA//第三步未通过
测试5:ca:RSA server:DSA client:RSA //第二部未通过 问题://生成RSA的ca,为什么在生成server或者client时,执行都在生成DSA证书,执行“3.”命令时出错!!!!
测试5:ca:RSA server:DSA client:DSA //未通过
问题://生成RSA的ca,为什么在生成server或者client时,执行都在生成DSA证书,执行“3.”命令时出错!!!!
问题://生成RSA的ca,为什么在生成server或者client时,执行都在生成DSA证书,执行“3.”命令时出错!!!!
问题://生成RSA的ca,为什么在生成server或者client时,执行都在生成DSA证书,执行“3.”命令时出错!!!!
