Generate a private key and a public Certificate Signing Request (CSR) by using the following command: openssl req -new -nodes -keyout myserver.key -out server.csr
From the above command it will create a new key and csr and name it myserver.key and server.csr.
# openssl req -new -nodes -keyout myserver.key -out server.csr
Generating a 1024 bit RSA private key
.................++++++
..++++++
writing new private key to 'myserver.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [GB]:ID
State or Province Name (full name) [Berkshire]:Jawa Timur
Locality Name (eg, city) [Newbury]:Blitar
Organization Name (eg, company) [My Company Ltd]:yogcorporation
Organizational Unit Name (eg, section) []:it
Common Name (eg, your name or your server's hostname) []:yogcent.com
Email Address []:yog.zeromind@gmail.com
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:pass123
An optional company name []:
Here is the result :
# cat myserver.key
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQC8EO+E6Ne1Rz+ofmXDpUvsM6eeJyTqvjj2vTtNi9iuDkNDRbEc
qB+AXTd9kiMC9AL3XvPAakzi3pc2aD1nhQon75ojj34mzPzFZ8Xern3hS+v0JyAn
II1NjcpRQ5SFVHAZ0XPDAI174Op47t5rrYKCRgUAJqxHphZ9H26Y3oFKtQIDAQAB
AoGANG/AaN2HL3tDK5a6hxdymNQ6OyWM7IrHVTyj6VZBvx4o8Pvgiy3xQpg7HZ7+
dhdVMGXgLtk0wNjxbnEYFeIJV2jEpDuXHqXlLBtSyekMGma0hbdNmFCMKmW2/ayv
Kjw5u1287YrzZbDd6WUHhgHzo42Jm7Ytdai92v/uWkUmiq0CQQDlLGBjpQkcqn3d
xthxwCKSEQmHH0OJ8EwB0LHAQCdEkq9k83WwTHgqsMrPbpAOG+p0WCBnc+4uuNk5
bTNfbdXbAkEA0hSz085TO9jQoaVmmTu6dKl/jQ7VhUM0Udt0ZURT0LzK8cH5ygNy
W2fd2tUXfl7onFoZ2S2CGw/5TglvbBhurwJAQQjU2bIt4cqoKVWSesVRii33jDbd
Dbn5d9Jnfu01t4oA6B8G2N76gvLkuvTfQIG/iQCxQWpuvyeJzXglygD7XQJBAM7+
cwmZXE21niwHywXk4h0c/X7BRQWfaCfXseIt5t/fhZ+b30F7D+ycdO6v1AxB+7RC
2wEwY+fCX4TSqyS5FiUCQED7m/sno13ByVN0EvBGXSJW5Zqs05kAb3NhTkz4B5D5
RrdKndEo6ooJINmIq9K8e+WkJhgLV18GLIy66tTF81U=
-----END RSA PRIVATE KEY-----
# cat server.csr
-----BEGIN CERTIFICATE REQUEST-----
MIIB7zCCAVgCAQAwgZYxCzAJBgNVBAYTAklEMRMwEQYDVQQIEwpKYXdhIFRpbXVy
MQ8wDQYDVQQHEwZCbGl0YXIxFzAVBgNVBAoTDnlvZ2NvcnBvcmF0aW9uMQswCQYD
VQQLEwJpdDEUMBIGA1UEAxMLeW9nY2VudC5jb20xJTAjBgkqhkiG9w0BCQEWFnlv
Zy56ZXJvbWluZEBnbWFpbC5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB
ALwQ74To17VHP6h+ZcOlS+wzp54nJOq+OPa9O02L2K4OQ0NFsRyoH4BdN32SIwL0
Avde88BqTOLelzZoPWeFCifvmiOPfibM/MVnxd6ufeFL6/QnICcgjU2NylFDlIVU
cBnRc8MAjXvg6nju3mutgoJGBQAmrEemFn0fbpjegUq1AgMBAAGgGDAWBgkqhkiG
9w0BCQcxCRMHcGFzczEyMzANBgkqhkiG9w0BAQUFAAOBgQCT+97CtHq6uuKTvgJX
G13vsUHatlKdvXMlWhKjEtCroHXu7f8gUMVSXy3Sh+r08qTTELMSinJUyHfqOvUp
9ALXgeQdZhewziEsvIGe8W0KDpd6pGnSU22b+3XcgTfn6Af0qa7C1TETpWLu09Uj
vDDhVFYj8yfxz1tA7kL7h/6w/Q==
-----END CERTIFICATE REQUEST-----
After you have 2 files generate. you can just need 1 file server.csr to complete your certificate. you can just simple purchase a certificate from certificate authority company such as geocert,verisign,etc.
sumber: http://www.wowtutorial.org/tutorial/34.html
0 comments:
Post a Comment