红帽全球峰会此内容没有您所选择的语言版本。
Appendix E. Certificates
E.1. Creating SSL/TLS Certificates
复制链接链接已复制到粘贴板!
Summary
SSL/TLS certificates provide a layer of security for accessing your installation over HTTPS. This procedure provides instructions for creating certificates and configuring your server with them.
The following procedure requires
Copy to Clipboard
Copied!
Toggle word wrap
Toggle overflow
openssl. To install this tool, run the following command on your server:
#yum install openssl
#yum install openssl
A Certificate Authority (CA) signs certificates to provide verifification of their validity. Web browsers contain a number of CA certificates for verifying HTTPS communication with secure websites. Some of these CAs require a fee to provide a CA pair for your server, while some are open and provide free CA pairs. This procedure describes how to generate your own Certificate Authority (CA) certificate and key for your own internal network usage.
Procedure E.1. Creating a Certificate Authority
- Run the following command:
#openssl req -new -x509 -keyout ca.key -out ca.crt -days 3650
#openssl req -new -x509 -keyout ca.key -out ca.crt -days 3650Copy to Clipboard Copied! Toggle word wrap Toggle overflow This command requests a new CA pair valid for 3650 days. - Enter a password to protect your CA:
Copy to Clipboard Copied! Toggle word wrap Toggle overflow - Enter the following details about your organization:
Copy to Clipboard Copied! Toggle word wrap Toggle overflow This information forms the Distinguished Name (DN) in your certificate.
Conclusion
You have created a Certificate Authority. openssl creates two files: ca.key, which is a key that administrators use to sign certificates, and ca.crt, which is the public CA certificate that users obtain to verify the validity of signed certificates they receive. Make sure users accessing your server have a copy of ca.crt so that they can import it into their client's trusted CA store.
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}