Openssl制作CSR文件
1、Openssl是一个命令行工具,可以到 www.openssl.org 下载。
2、输入命令:
openssl req -new -nodes -newkey rsa:2048 -keyout server.key -out server.csr Loading 'screen' into random state - done Generating a 2048 bit RSA private key ...........................++++++ ....................................++++++ writing new private key to 'server.key' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]:CN State or Province Name (full name) [Some-State]: Guangdong Locality Name (eg, city) []:Guangzhou Organization Name (eg, company) [Internet Widgits Ltd]: Global Digital Cybersecurity Authority Co., Ltd. Organizational Unit Name (eg, section) []:Technical support Common Name (eg, YOUR name) []:www.trustauth.cn Email Address []: Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []:
3、在完成了如上的交互信息输入后,当前目录下将产生两个文件:server.key?和?server.csr。请妥善保存这两个文件,请不要泄露server.key私钥文件。
4、在这一命令执行的过程中,系统会要求您填写如下信息:
Openssl制作中文CSR文件
1、首先需要修改Openssl.cnf,添加一条命令:
string_mask = utf8only
2、在Openssl.cnf中修改缺省的DN信息,录入需要的中文字符:
commonName_default = www.trustauth.cn
organizationName_default =数安时代科技股份有限公司
organizationalUnitName_default = 技术支持部
stateOrProvinceName_default = 广东省
localityName_default = 广州市
countryName_default = CN
3、将文件按UTF-8,no bom的编码格式保存,可以用Ultraedit这类工具进行保存。
4、在准备好Openssl.cnf文件后,输入命令:
openssl req -utf8 -config config.cnf -newkey rsa:2048 -nodes -batch -keyout server.key -out server.csr
5、在完成了如上的交互信息输入后,当前目录下将产生两个文件:server.key?和?server.csr。请妥善保存这两个文件,请不要泄露server.key私钥文件。
