--- title: How to Generate Private Key and Certificate Using OpenSSL tags: Chinese --- # 如何利用OpenSSL建立Private Key和Certificate 本文將介紹如何於Linux與Windows上利用OpenSSL建立Private Key和Certificate,並啟用SideeX WebService SSL連線。 ## 步驟1:取得OpenSSL - `Ubuntu`已內建OpenSSL - `Windows`版本之OpenSSL下載網址: [OpenSSL](https://www.softpedia.com/get/Programming/Components-Libraries/OpenSSL.shtml)。提示:Git已內建OpenSSL,預設路徑為`C:\Program Files\Git\usr\bin\openssl.exe` ## 步驟2:建立Private Key與Certificate 1. 建立一個檔案`server.conf`,檔案內容如下: ```conf= [req] prompt = no default_md = sha256 default_bits = 2048 distinguished_name = dn x509_extensions = v3_req [dn] C = TW ST = Taiwan L = Taipei O = Duotify Inc. OU = IT Department emailAddress = admin@example.com CN = localhost [v3_req] subjectAltName = @alt_names [alt_names] DNS.1 = *.localhost DNS.2 = localhost ``` 2. 開啟命令列並執行以下指令以建立`private key`和`certificate` - Windows ``` $ openssl req -x509 -new -nodes -sha256 -utf8 -days 3650 -newkey rsa:2048 -keyout server.key -out cert.crt -config server.conf ``` - Linux ``` $ openssl req -x509 -new -nodes -sha256 -utf8 -days 3650 -newkey rsa:2048 -keyout key.pem -out cert.pem -config server.conf ``` ## 步驟3:啟用SideeX WebService SSL連線 請將產生之`key`與`cert`放在與`serviceconfig.json`同一個目錄,然後啟動SideeX WebService,服務啟動後所有用戶端將可使用SSL連線傳送測試案例與取得測試報告。
×
Sign in
Email
Password
Forgot password
or
By clicking below, you agree to our
terms of service
.
Sign in via Facebook
Sign in via Twitter
Sign in via GitHub
Sign in via Dropbox
Sign in with Wallet
Wallet (
)
Connect another wallet
New to HackMD?
Sign up