openssl离线安装(如何windows10下安装openssl)
本文目录
- 如何windows10下安装openssl
- centos怎么安装openssl
- 如何安装openssl-devl
- 怎么装openssl-devel
- 求助,windows 2003 服务器 如何安装openssl
- openssl 自签名证书 - 安装openssl(一)
如何windows10下安装openssl
安装环境:Windows10专业版+VS2013***隐藏网址******隐藏网址***1、安装Perl(我安装在C盘,同时我的openssl也解压在C盘) 使用命令行工具,进入C:\Perl64\eg路径下, 执行“perl example.pl”,若显示“Hello from ActivePerl!”,则说明Perl安装成功。2、设置环境变量 打开我的电脑-》属性-》高级系统设置-》环境变量,找到Path系统变量,点击,添加E:\VS 2013\VC\bin;C:\Perl64\bin;c:\windows\system32,其中E:\VS 2013\VC\bin是我的VS2013的安装路径,根据情况自己修改。C:\Perl64\bin是Perl的安装路径,根据情况自己修改。
centos怎么安装openssl
1,安装openssltar zxvf openssl-1.0.0a.tar.gzcd openssl-1.0.0a./config --prefix=/usr/local/opensslmake && make install2,安装apache***隐藏网址******隐藏网址***./configure --prefix=/usr/local/apache --enable-ssl --enable-rewrite --enable-so --with-ssl=/usr/local/opensslmake && make install如果你是yum install ,apt-get,pacman这样的软件管理工具进行安装的话,上面的二步可以省掉。3,创建主证书在/usr/local/apache/conf/下面建个目录ssl3.1,mkdir ssl3.2,cp /openssl的安装目录/ssl/misc/CA.sh /usr/local/apache/conf/ssl/3.3 用CA.sh来创建证书查看复制打印1. # ./CA.sh -newca //建立主证书2. CA certificate filename (or enter to create)3. 4. Making CA certificate ...5. Generating a 1024 bit RSA private key6. ............++++++7. ......++++++8. writing new private key to ’./demoCA/private/./cakey.pem’9. Enter PEM pass phrase:10. Verifying - Enter PEM pass phrase:11. Verify failure12. Enter PEM pass phrase:13. Verifying - Enter PEM pass phrase:14. -----15. You are about to be asked to enter information that will be incorporated16. into your certificate request.17. What you are about to enter is what is called a Distinguished Name or a DN.18. There are quite a few fields but you can leave some blank19. For some fields there will be a default value,20. If you enter ’.’, the field will be left blank.21. -----22. Country Name (2 letter code) :cn23. State or Province Name (full name) :cn24. Locality Name (eg, city) :cn25. Organization Name (eg, company) :cn26. Organizational Unit Name (eg, section) :cn27. Common Name (eg, YOUR name) :localhost28. Email Address :xtaying@gmail.com29. 30. Please enter the following ’extra’ attributes31. to be sent with your certificate request32. A challenge password :******************33. An optional company name :34. Using configuration from /etc/ssl/openssl.cnf35. Enter pass phrase for ./demoCA/private/./cakey.pem: //填的是上面的PEM密码36. Check that the request matches the signature37. Signature ok38. Certificate Details:39. Serial Number:40. 89:11:9f:a6:ca:03:63:ab41. Validity42. Not Before: Aug 7 12:35:28 2010 GMT43. Not After : Aug 6 12:35:28 2013 GMT44. Subject:45. countryName = cn46. stateOrProvinceName = cn47. organizationName = cn48. organizationalUnitName = cn49. commonName = localhost50. emailAddress = xtaying@gmail.com51. X509v3 extensions:52. X509v3 Subject Key Identifier:53. 26:09:F3:D5:26:13:00:1F:3E:CC:86:1D:E4:EE:37:06:65:15:4E:7654. X509v3 Authority Key Identifier:55. keyid:26:09:F3:D5:26:13:00:1F:3E:CC:86:1D:E4:EE:37:06:65:15:4E:7656. DirName:/C=cn/ST=cn/O=cn/OU=cn/CN=localhost/emailAddress=xtaying@gmail.com57. serial:89:11:9F:A6:CA:03:63:AB58. 59. X509v3 Basic Constraints:60. CA:TRUE61. Certificate is to be certified until Aug 6 12:35:28 2013 GMT (1095 days)62. 63. Write out database with 1 new entries64. Data Base Updated# ./CA.sh -newca //建立主证书CA certificate filename (or enter to create) Making CA certificate ...Generating a 1024 bit RSA private key............++++++......++++++writing new private key to ’./demoCA/private/./cakey.pem’Enter PEM pass phrase:Verifying - Enter PEM pass phrase:Verify failureEnter PEM pass phrase:Verifying - Enter PEM pass phrase:-----You are about to be asked to enter information that will be incorporatedinto your certificate request.What you are about to enter is what is called a Distinguished Name or a DN.There are quite a few fields but you can leave some blankFor some fields there will be a default value,If you enter ’.’, the field will be left blank.-----Country Name (2 letter code) :cnState or Province Name (full name) :cnLocality Name (eg, city) :cnOrganization Name (eg, company) :cnOrganizational Unit Name (eg, section) :cnCommon Name (eg, YOUR name) :localhostEmail Address :xtaying@gmail.com Please enter the following ’extra’ attributesto be sent with your certificate requestA challenge password :******************An optional company name :Using configuration from /etc/ssl/openssl.cnfEnter pass phrase for ./demoCA/private/./cakey.pem: //填的是上面的PEM密码Check that the request matches the signatureSignature okCertificate Details: Serial Number: 89:11:9f:a6:ca:03:63:ab Validity Not Before: Aug 7 12:35:28 2010 GMT Not After : Aug 6 12:35:28 2013 GMT Subject: countryName = cn stateOrProvinceName = cn organizationName = cn organizationalUnitName = cn commonName = localhost emailAddress = xtaying@gmail.com X509v3 extensions: X509v3 Subject Key Identifier: 26:09:F3:D5:26:13:00:1F:3E:CC:86:1D:E4:EE:37:06:65:15:4E:76 X509v3 Authority Key Identifier: keyid:26:09:F3:D5:26:13:00:1F:3E:CC:86:1D:E4:EE:37:06:65:15:4E:76 DirName:/C=cn/ST=cn/O=cn/OU=cn/CN=localhost/emailAddress=xtaying@gmail.com serial:89:11:9F:A6:CA:03:63:AB X509v3 Basic Constraints: CA:TRUECertificate is to be certified until Aug 6 12:35:28 2013 GMT (1095 days) Write out database with 1 new entriesData Base Updated安装成功的话,会在ssl目录下面产生一个文件夹demoCA4 生成服务器私钥和服务器证书查看复制打印1. # openssl genrsa -des3 -out server.key 1024 //产生服务器私钥2. Generating RSA private key, 1024 bit long modulus3. .....................++++++4. .........++++++5. e is 65537 (0x10001)6. Enter pass phrase for server.key:7. Verifying - Enter pass phrase for server.key:8. # openssl req -new -key server.key -out server.csr //生成服务器证书9. Enter pass phrase for server.key:10. You are about to be asked to enter information that will be incorporated11. into your certificate request.12. What you are about to enter is what is called a Distinguished Name or a DN.13. There are quite a few fields but you can leave some blank14. For some fields there will be a default value,15. If you enter ’.’, the field will be left blank.16. -----17. Country Name (2 letter code) :cn18. State or Province Name (full name) :cn19. Locality Name (eg, city) :cn20. Organization Name (eg, company) :cn21. Organizational Unit Name (eg, section) :cn22. Common Name (eg, YOUR name) :localhost //要填全域名23. Email Address :xtaying@gmail.com24. 25. Please enter the following ’extra’ attributes26. to be sent with your certificate request27. A challenge password :*****************28. An optional company name :# openssl genrsa -des3 -out server.key 1024 //产生服务器私钥Generating RSA private key, 1024 bit long modulus.....................++++++.........++++++e is 65537 (0x10001)Enter pass phrase for server.key:Verifying - Enter pass phrase for server.key:# openssl req -new -key server.key -out server.csr //生成服务器证书Enter pass phrase for server.key:You are about to be asked to enter information that will be incorporatedinto your certificate request.What you are about to enter is what is called a Distinguished Name or a DN.There are quite a few fields but you can leave some blankFor some fields there will be a default value,If you enter ’.’, the field will be left blank.-----Country Name (2 letter code) :cnState or Province Name (full name) :cnLocality Name (eg, city) :cnOrganization Name (eg, company) :cnOrganizational Unit Name (eg, section) :cnCommon Name (eg, YOUR name) :localhost //要填全域名Email Address :xtaying@gmail.com Please enter the following ’extra’ attributesto be sent with your certificate requestA challenge password :*****************An optional company name :4.1 对产生的服务器证书进行签证cp server.csr newseq.pem
如何安装openssl-devl
检查是否已安装openssl:\x0d\x0asudo apt-get install openssl\x0d\x0a如果已安装执行以下操作:\x0d\x0asudo apt-get install libssl-dev\x0d\x0asudo apt-get install libssl0.9.8\x0d\x0a\x0d\x0aUbuntu 下安装 GTK+ 开发库\x0d\x0asudo apt-get install libgtk2.0-dev
怎么装openssl-devel
方法一、直接安装yum install openssl openssl-devel
方法二、下载源码编译安装
下载***隐藏网址***
解压tar zxf openssl-1.0.2h.tar.gz
安装cd openssl-1.0.2h./config shared zlibbecause of configuration changes, you MUST do the following before*** building:提醒需要在build之前做make dependmake dependmake installmv /usr/bin/openssl /usr/bin/openssl.bakmv /usr/include/openssl /usr/include/openssl.bakln -s /usr/local/ssl/bin/openssl /usr/bin/opensslln -s /usr/local/ssl/include/openssl /usr/include/opensslecho “/usr/local/ssl/lib” 》》 /etc/ld.so.confldconfig -v
检测安装是否成功:openssl version -a
求助,windows 2003 服务器 如何安装openssl
一、准备工作1.windows2003添加组件添加IIS:勾选“应用程序服务器”,然后双击进入下图,勾选“IIS”和“ASP.NET”添加证书系统:勾选“证书服务”添加组件的时候要求填写的就按照操作填上就行了,然后下一步,直到完成。2.把openssl(执行版,有的叫编译后版)解压到d:下,当然哪个盘都可以。二、获取IIS证书请求架设好IIS网站后,在【目录安全性】选项卡中点击【服务器证书】按钮,【下一步】,【新建证书】,【现在准备证书请求--下一步】,输入【名称】,输入【单位】和【部门】,输入【公用名称】,选择【国家】并输入【省】和【市县】并【下一步】,【下一步】,【下一步】,【完成】,IIS的证书请求已经获取,就是C:\certreq.txt。这里请牢记输入的信息。 三、开始操作openssl(cmd –》 d:\openssl-0.9.7\out32dll 下执行下面的操作,注意openssl.cnf文件,后面命令都是用它编译的)1.生成自签名根证书openssl req -x509 -newkey rsa:1024 -keyout cakey.pem -out cacert.pem -days 3650 -config d:\openssl-0.9.7\apps\openssl.cnf PEM pass phrase:根证书密码,当然很重要! Country Name: CN //两个字母的国家代号 State or Province Name: guang dong //省份名称 Locality Name: guang zhou //城市名称 Organization Name: sunrising //公司名称 Organizational Unit Name: home //部门名称 Common Name: besunny //你的姓名(要是生成服务器端的证书一定要输入域名或者ip地址) Email Address: Email地址2.把cakey.pem 拷贝到\demoCA\private, 把cacert.pem拷贝到out32dll\demoCAcopy cakey.pem demoCA\private copy cacert.pem demoCA提醒:这时候,已经有cakey.pem:ca的私钥文件,cacert.pem:ca的自签名根证书,certreq.txt:IIS的证书请求文件,三个文件。3.用CA证书cacert.pem为IIS请求certreq.txt签发证书server.pem openssl ca -in certreq.txt -out server.pem -config d:\openssl-0.9.7\apps\openssl.cnf4.把server.pem转换成x509格式 openssl x509 -in server.pem -out server.cer提醒:这时候,你又得到了两个文件,一个是server.pem,一个是server.cer。现在把bin下的server.cer复制到c:下。5.将生成的证书server.cer导入到IIS打开IIS,在【默认网站】上单击右键【属性】,在【目录安全性】选项卡中点击【服务器证书】按钮,【下一步】,选择【处理挂起的请求并安装证书】并【下一步】,正常情况下,您已经看到了文本框中就是c:\server.cer,如果不是,自己点【浏览】按钮去找并【下一步】,【下一步】,【完成】。回到【目录安全性】选项卡在【安全通信】栏目中单击【】按钮,勾上【要求安全通道(SSL)】,勾上【要求128位加密】,选择【要求客户端证书】,点击【确定】按钮。6.生成客户端证书 openssl req -newkey rsa:1024 -keyout clikey.pem -out clireq.pem -days 365 -config d:\openssl-0.9.7\apps\openssl.cnf证书信息自己填写,有些内容要与根证书一致。7.CA签发客户端证书 openssl ca -in clireq.pem -out client.crt -config d:\openssl-0.9.7\apps\openssl.cnf8.将客户端证书转换为pk12格式 openssl pkcs12 -export -clcerts -in client.crt -inkey clikey.pem -out client.p12 -config d:\openssl-0.9.7\apps\openssl.cnf9.安装信任的根证书把cacert.pem改名为cacert.cer,双击cacert.cer文件,打开证书信息窗口,单击【安装证书】按钮,【下一步】。提醒,下面是最关键的:选择【将所有的证书放入下列存储区】,点击【浏览】按钮 选择【受信任的根证书颁发机构】,勾选【物理存储区】,选择【受信任的根证书颁发机构】,点【本地计算机】,并点击【确定】,【下一步】,【完成】,【是】,根证书安装完毕!勾选【物理存储区”,选择“受信任的根证书颁发机构”,点“本地计算机”,然后点“确定”。 “clent.crt”的安装也是上面相同的步骤。10.安装客户端证书找到client.p12文件拷贝到本地计算机,然后双击,【下一步】,【下一步】,输入客户端证书的密码并【下一步】,【下一步】,【完成】,【确定】。到此,客户端的证书也已经安完毕。 提醒:最好把cacert.cer文件作为受新人的根证书安装到本地。我架设的是提供给内网使用的,所以Common ***隐藏网址*** 如果没有导入cacert.cer根证书,会提示下面的: 点“是”继续就可以了。然后还会弹出选择客户端数字证书的提示框。
openssl 自签名证书 - 安装openssl(一)
环境:macbook、终端、XCode、openssl1.1.1a 环境:macbook、终端、XCode、openssl1.1.1a 环境:macbook、终端、XCode、openssl1.1.1a 重要的事儿要说三遍...
【下一篇:openssl 自签名证书 - 制作证书(二)】
更多文章:
联想笔记本电脑y460(联想笔记本电脑y460无线开关在哪里)
2024年7月12日 23:19
联想ideapadyoga(联想ideapadyoga11s)
2024年7月19日 02:34
惠普elitebook6930p(惠普elitebook6930P)
2024年7月12日 14:31