Печать

Пожалуйста, войдите или зарегистрируйтесь.
1 час 1 день 1 неделя 1 месяц Навсегда

[adc]

Код: (gen_SSL.conf) [Выделить]

[ req ]
default_bits = 2048 # Can be 1024-4096
encrypt_key = yes
distinguished_name = req_dn
x509_extensions = cert_type
prompt = no # Don't ask params, read it from file

[ req_dn ]
C=RU # Country Name (2 letter code)
ST=Russia # State or Province Name (full name)
L=Moscow # Locality Name (eg, city)
O=adc server # Organization Name (eg, company)
OU=adc ssl key # Organizational Unit Name (eg, section)
CN=adc.su # Common Name (eg, YOUR name, *.example.com is also possible)
emailAddress=tech@adc.su # Email Address

[ cert_type ]
nsCertType = server

[ v3_req ]
subjectAltName = email:copy,DNS:adc.su,DNS:ns.adc.su,DNS:212.109.199.94


Код: (gen_SSL_Cert-Key) [Выделить]

#!/bin/sh
#######################################################################
###  Generates a self-signed certificate  #############################
#######################################################################


SSL_dir=./
SSL_config=$SSL_dir/gen_SSL.conf

CERT_file=$SSL_dir/server_cert.pem
KEY_file=$SSL_dir/server_key.pem

if [ -f $CERT_file ]; then
  echo "$CERT_file already exists, won't overwrite"
  exit 1
fi

if [ -f $KEY_file ]; then
  echo "$KEY_file already exists, won't overwrite"
  exit 1
fi

/usr/bin/openssl req -new -x509 -days 365 -nodes -extensions v3_req -config $SSL_config -out $CERT_file -keyout $KEY_file || exit 2
chmod 0600 $KEY_file
echo
/usr/bin/openssl x509 -subject -fingerprint -noout -in $CERT_file || exit 2