Создание самоподписанных сертификатов SSL с помощью инструмента OpenSSL на Ubuntu/en: различия между версиями
(Новая страница: «== '''Creating Self-Signed SSL Certificates Using OpenSSL on Ubuntu''' == === '''Installing OpenSSL''' === The first step is to install OpenSSL. To install OpenSSL, execute the following command:<br> <code>sudo apt update<br> sudo apt install openssl</code> === '''Creating a Directory for Certificates''' === The second step is creating a directory for the certificates. For convenience, it is recommended to create a separate directory where the certificates w...») |
(Новая страница: «=== '''Generating a Private Key''' === The third step is generating a private key. A private key needs to be created using the following command.<br> <code> openssl genpkey -algorithm RSA -out example.com.key </code><br> In this command, replace example.com.key with the name of your key.<br> When executing the command, you will be prompted to enter a password for the private key. This password will be used every time you access the private key, so make sure...») |
||
Строка 8: | Строка 8: | ||
<code>mkdir ~/certificates<br> | <code>mkdir ~/certificates<br> | ||
cd ~/certificate</code> | cd ~/certificate</code> | ||
=== '''Generating a Private Key''' === | |||
=== ''' | The third step is generating a private key. A private key needs to be created using the following command.<br> | ||
<code> openssl genpkey -algorithm RSA -out example.com.key </code><br> | <code> openssl genpkey -algorithm RSA -out example.com.key </code><br> | ||
In this command, replace example.com.key with the name of your key.<br> | |||
When executing the command, you will be prompted to enter a password for the private key. This password will be used every time you access the private key, so make sure it is securely stored. | |||
=== ''' | === '''Creating a Self-Signed Certificate''' === | ||
It is necessary to create a self-signed certificate using the generated private key: | |||
<code> openssl req -x509 -new -key example.com.key -out example.com.crt </code><br> | <code> openssl req -x509 -new -key example.com.key -out example.com.crt </code><br> | ||
After executing this command, OpenSSL will ask you to enter information about the certificate. The necessary information may include: country, province, city, etc. This information will be included in the self-signed certificate. | |||
<div lang="ru" dir="ltr" class="mw-content-ltr"> | <div lang="ru" dir="ltr" class="mw-content-ltr"> | ||
'''Пример ввода информации:'''<br> | '''Пример ввода информации:'''<br> |
Версия от 16:05, 23 ноября 2023
Creating Self-Signed SSL Certificates Using OpenSSL on Ubuntu
Installing OpenSSL
The first step is to install OpenSSL. To install OpenSSL, execute the following command:
sudo apt update
sudo apt install openssl
Creating a Directory for Certificates
The second step is creating a directory for the certificates. For convenience, it is recommended to create a separate directory where the certificates will be stored:
mkdir ~/certificates
cd ~/certificate
Generating a Private Key
The third step is generating a private key. A private key needs to be created using the following command.
openssl genpkey -algorithm RSA -out example.com.key
In this command, replace example.com.key with the name of your key.
When executing the command, you will be prompted to enter a password for the private key. This password will be used every time you access the private key, so make sure it is securely stored.
Creating a Self-Signed Certificate
It is necessary to create a self-signed certificate using the generated private key:
openssl req -x509 -new -key example.com.key -out example.com.crt
After executing this command, OpenSSL will ask you to enter information about the certificate. The necessary information may include: country, province, city, etc. This information will be included in the self-signed certificate.
Пример ввода информации:
Country Name (2 letter code) [AU]:RU
State or Province Name (full name) [Some-State]:Moscow
Locality Name (eg, city) []:Moscow City
Organization Name (eg, company) [Internet Widgits Pty Ltd]:SmartPlayer
Organizational Unit Name (eg, section) []:IT Department
Common Name (e.g. server FQDN or YOUR name) []: smartplayer.org
Email Address []:example@smartplayer.org
Важно! "Common Name" должен содержать доменное имя вашего веб-сайта. Необходимо заполнить все поля в соответствии с данными.
В директории "~/certificates" будет лежать самоподписанный сертификат example.com.crt и закрытый ключ example.com.key. Этот сертификат можно использовать для тестирования или внутренних целей.