1.查看是否安装httpd和SSL(如果有就可以进行下一步)
[root@localhost ~]# rpm -qa | grep httpdhttpd-tools-2.2.15-47.el6.centos.4.x86_64[root@localhost ~]# rpm -qa | grep sslopenssl-1.0.1e-42.el6_7.4.x86_64openssl-devel-1.0.1e-42.el6_7.4.x86_64docbook-style-dsssl-1.79-10.el6.noarchmod_ssl-2.2.15-47.el6.centos.4.x86_64nss_compat_ossl-0.9.6-1.el6.x86_64
2.生成服务器私钥(以abc.cn为例)
[root@localhost /]# cd /opt[root@local opt]# openssl genrsa -out abc.cn.key 2048Generating RSA private key, 2048 bit long modulus...............+++...............+++e is 65537 (0x10001)
3.用私钥server.key文件生成证书请求文件csr
[root@local opt]# openssl req -new -out abc.cn.csr -sha256 -key abc.cn.keyYou are about to be asked to enter information that will be incorporatedinto your certificate request.There are quite a few fields but you can leave some blankFor some fields there will be a default value,If you enter '.', the field will be left blank.
Country Name (2 letter code) [XX]:CN #国家State or Province Name (full name) []:zhejiang #省份Locality Name (eg, city) [Default City]:hangzhou #城市Organization Name (eg, company) [Default Company Ltd]:22 #公司名称/个人直接填写姓名Organizational Unit Name (eg, section) []:22 #部门名称/个人直接填写姓名Common Name (eg, your name or your server's hostname) []:abc.cn #需要申请的域名Email Address []:22@22.cnPlease enter the following 'extra' attributesto be sent with your certificate request #提示你输入一个密码,不用理他直接回车A challenge password []:An optional company name []:[root@local opt]#