-
-
Save beginor/10241387 to your computer and use it in GitHub Desktop.
Revisions
-
Chen Ming created this gist
Apr 4, 2014 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,15 @@ 1. 生成keystore 注册在填写名子与姓氏时需要填写tomcat的主机ip地址 keytool -genkey -v -alias tomcat -keyalg RSA -keystore tomcat.keystore -validity 365 2. 准备生成 CA 的key openssl genrsa -out myCA.key 2048 3. 生成 CA openssl req -x509 -new -key myCA.key -out myCA.cer -days 730 -subj /CN="Sencloudx Custom CA" 4. 准备从 CA 请求认证的请求文件 keytool -certreq -alias tomcat -keystore tomcat.keystore -file server.csr 5. 从CA请求认证 openssl x509 -req -in server.csr -out server.cer -CAkey myCA.key -CA myCA.cer -days 365 -CAcreateserial -CAserial serial 6. 导入 CA 根证书 keytool -import -trustcacerts -keystore tomcat.keystore -alias root -file myCA.cer 7. 导入认证证书 keytool -import -keystore tomcat.keystore -alias tomcat -file server.cer
Chen Ming
created
this gist