зеркало из
https://github.com/iharh/notes.git
synced 2025-11-03 23:26:09 +02:00
22 строки
558 B
Plaintext
22 строки
558 B
Plaintext
CSR:
|
|
|
|
$ openssl req -new -key fd.key -out fd.csr
|
|
... (use . for the empty fields instead of the default values)
|
|
|
|
After CSR is generated, it can be used for
|
|
- sign our own certificate
|
|
- send it to the public CA asking to sign a certificate
|
|
|
|
befre that, it's good to view/check the CSR:
|
|
|
|
$ openssl req -text -in fd.csr -noout
|
|
|
|
to renew a CSR from the existing cert, use:
|
|
|
|
$ openssl x509 -x509toreq -in fd.crt -out fd.csr -signkey fd.key
|
|
|
|
We can also use a cnf-config for automating a CSR-generation:
|
|
|
|
$ openssl req -new -config fd.cnf -key fd.key -out fd.csr
|
|
|