openssl3.2/test/certs-056-allDNS-likeCNsallowedbyCA1,noS
- 手机
- 2025-08-05 07:09:02
文章目录 openssl3.2/test/certs - 056 - all DNS-like CNs allowed by CA1, no SANs概述笔记END openssl3.2/test/certs - 056 - all DNS-like CNs allowed by CA1, no SANs 概述
openssl3.2 - 官方demo学习 - test - certs
笔记 /*! * \file D:\my_dev\my_local_git_prj\study\openSSL\test_certs\056\my_openssl_linux_doc_056.txt * \note openssl3.2/test/certs - 056 - all DNS-like CNs allowed by CA1, no SANs */ // -------------------------------------------------------------------------------- // official bash script // -------------------------------------------------------------------------------- #! /bin/bash # \file setup056.sh # openssl3.2/test/certs - 056 - all DNS-like CNs allowed by CA1, no SANs ./mkcert.sh req goodcn2-key "O = Good NC Test Certificate 1" \ "CN=www.good.org" | \ ./mkcert.sh geneeconfig goodcn2-key goodcn2-cert ncca1-key ncca1-cert // -------------------------------------------------------------------------------- // openssl cmd line parse // -------------------------------------------------------------------------------- // cmd 2 openssl genpkey -algorithm rsa -pkeyopt rsa_keygen_bits:2048 -out goodcn2-key.pem // cmd 3 // cfg_exp056_cmd3.txt string_mask=utf8only [req] prompt = no distinguished_name = dn [dn] O = Good NC Test Certificate 1 CN=www.good.org openssl req -new -sha256 -key goodcn2-key.pem -config cfg_exp056_cmd3.txt -out req_exp056_cmd3.pem // cmd 1 // cfg_exp056_cmd1.txt subjectKeyIdentifier = hash authorityKeyIdentifier = keyid basicConstraints = CA:false openssl x509 -req -sha256 -out goodcn2-cert.pem -extfile cfg_exp056_cmd1.txt -CA ncca1-cert.pem -CAkey ncca1-key.pem -set_serial 2 -days 36525 -in req_exp056_cmd3.pem // -------------------------------------------------------------------------------- // openssl log // -------------------------------------------------------------------------------- openssl x509 -req -sha256 -out goodcn2-cert.pem -extfile /dev/fd/63 -CA ncca1-cert.pem -CAkey ncca1-key.pem -set_serial 2 -days 36525 -extfile /dev/fd/63 => /home/lostspeed/openssl/openssl-3.2.0_debian/test/certs/my_openssl_linux_log.txt subjectKeyIdentifier = hash authorityKeyIdentifier = keyid basicConstraints = CA:false openssl genpkey -algorithm rsa -pkeyopt rsa_keygen_bits:2048 -out goodcn2-key.pem openssl req -new -sha256 -key goodcn2-key.pem -config /dev/fd/63 -config /dev/fd/63 => /home/lostspeed/openssl/openssl-3.2.0_debian/test/certs/my_openssl_linux_log.txt string_mask=utf8only [req] prompt = no distinguished_name = dn [dn] O = Good NC Test Certificate 1 CN=www.good.org ENDopenssl3.2/test/certs-056-allDNS-likeCNsallowedbyCA1,noS由讯客互联手机栏目发布,感谢您对讯客互联的认可,以及对我们原创作品以及文章的青睐,非常欢迎各位朋友分享到个人网站或者朋友圈,但转载请说明文章出处“openssl3.2/test/certs-056-allDNS-likeCNsallowedbyCA1,noS”
![[docker]Docker网络](/0pic/pp_22.jpg)
