Создание самоподписанных сертификатов SSL с помощью инструмента OpenSSL на Ubuntu/en: различия между версиями

Материал из SmartPlayer
(Новая страница: «=== '''Generating a Private Key''' === The third step is generating a private key. A private key needs to be created using the following command.<br> <code> openssl genpkey -algorithm RSA -out example.com.key </code><br> In this command, replace example.com.key with the name of your key.<br> When executing the command, you will be prompted to enter a password for the private key. This password will be used every time you access the private key, so make sure...»)
(Новая страница: «'''Example of Entering Information:'''<br> <code>Country Name (2 letter code) [AU]:RU<br> State or Province Name (full name) [Some-State]:Moscow<br> Locality Name (eg, city) []:Moscow City<br> Organization Name (eg, company) [Internet Widgits Pty Ltd]:SmartPlayer<br> Organizational Unit Name (eg, section) []:IT Department<br> Common Name (e.g. server FQDN or YOUR name) []: smartplayer.org<br> Email Address []:example@smartplayer.org </code><br> '''Important!...»)
 
Строка 17: Строка 17:
<code> openssl req -x509 -new -key example.com.key -out example.com.crt </code><br>
<code> openssl req -x509 -new -key example.com.key -out example.com.crt </code><br>
After executing this command, OpenSSL will ask you to enter information about the certificate. The necessary information may include: country, province, city, etc. This information will be included in the self-signed certificate.
After executing this command, OpenSSL will ask you to enter information about the certificate. The necessary information may include: country, province, city, etc. This information will be included in the self-signed certificate.
<div lang="ru" dir="ltr" class="mw-content-ltr">
'''Example of Entering Information:'''<br>
'''Пример ввода информации:'''<br>
<code>Country Name (2 letter code) [AU]:RU<br>
<code>Country Name (2 letter code) [AU]:RU<br>
State or Province Name (full name) [Some-State]:Moscow<br>
State or Province Name (full name) [Some-State]:Moscow<br>
Строка 26: Строка 25:
Common Name (e.g. server FQDN or YOUR name) []: smartplayer.org<br>
Common Name (e.g. server FQDN or YOUR name) []: smartplayer.org<br>
Email Address []:example@smartplayer.org </code><br>
Email Address []:example@smartplayer.org </code><br>
'''Важно!''' "Common Name" должен содержать доменное имя вашего веб-сайта. Необходимо заполнить все поля в соответствии с данными.<br>
'''Important!''' The "Common Name" should contain the domain name of your website. It's necessary to fill in all fields accordingly.<br>
В директории "~/certificates" будет лежать самоподписанный сертификат example.com.crt и закрытый ключ example.com.key. Этот сертификат можно использовать для тестирования или внутренних целей.  
In the "~/certificates" directory, the self-signed certificate example.com.crt and the private key example.com.key will be located. This certificate can be used for testing or internal purposes.
{{Note|Самоподписанные сертификаты не будут доверены браузерами по умолчанию. Таким образом они будут вызывать всплывающее оповещения.|warn}}
{{Note|Self-signed certificates will not be trusted by browsers by default. As such, they will trigger warning pop-ups.|warn}}
</div>

Текущая версия от 16:06, 23 ноября 2023

Creating Self-Signed SSL Certificates Using OpenSSL on Ubuntu

Installing OpenSSL

The first step is to install OpenSSL. To install OpenSSL, execute the following command:
sudo apt update
sudo apt install openssl

Creating a Directory for Certificates

The second step is creating a directory for the certificates. For convenience, it is recommended to create a separate directory where the certificates will be stored:
mkdir ~/certificates
cd ~/certificate

Generating a Private Key

The third step is generating a private key. A private key needs to be created using the following command.
openssl genpkey -algorithm RSA -out example.com.key
In this command, replace example.com.key with the name of your key.
When executing the command, you will be prompted to enter a password for the private key. This password will be used every time you access the private key, so make sure it is securely stored.

Creating a Self-Signed Certificate

It is necessary to create a self-signed certificate using the generated private key: openssl req -x509 -new -key example.com.key -out example.com.crt
After executing this command, OpenSSL will ask you to enter information about the certificate. The necessary information may include: country, province, city, etc. This information will be included in the self-signed certificate. Example of Entering Information:
Country Name (2 letter code) [AU]:RU
State or Province Name (full name) [Some-State]:Moscow
Locality Name (eg, city) []:Moscow City
Organization Name (eg, company) [Internet Widgits Pty Ltd]:SmartPlayer
Organizational Unit Name (eg, section) []:IT Department
Common Name (e.g. server FQDN or YOUR name) []: smartplayer.org
Email Address []:example@smartplayer.org
Important! The "Common Name" should contain the domain name of your website. It's necessary to fill in all fields accordingly.
In the "~/certificates" directory, the self-signed certificate example.com.crt and the private key example.com.key will be located. This certificate can be used for testing or internal purposes.

Self-signed certificates will not be trusted by browsers by default. As such, they will trigger warning pop-ups.
Источник — https://wiki.smartplayer.org/index.php?title=Создание_самоподписанных_сертификатов_SSL_с_помощью_инструмента_OpenSSL_на_Ubuntu/en&oldid=10894