ssl配置
創建私鑰
openssl genrsa -out ./privatekey 2048
導出根機構證書
openssl req -new -x509 -key privatekey -out root.cer -days 365 -subj /CN=sudytech.com
創建證書庫
keytool -genkeypair -v -alias myssl -keyalg RSA -sigalg SHA1withRSA -keysize 1024 -keystore ./keystore -validity 330 -dname "CN=sudy.f3322.org,OU=Sudytech,O=Group,L=NanJing,ST=JiangSu,C=CN"
導出證書
keytool -certreq -v -alias myssl -file ./tomcat.cer -keystore ./keystore
使用機構證書籤名證書
openssl ca -keyfile ./privatekey -cert ./root.cer -in ./tomcat.cer -out ./tomcatsigned.cer -days 300 -policy policy_anything
導入根證書
keytool -importcert -alias RootCA -file ./root.cer -keystore ./keystore
導入已經簽名證書
keytool -importcert -alias myssl -file ./tomcatsigned.cer -keystore ./keystore
查看證書
keytool -list -keystore ./keystore