{"id":55,"date":"2021-01-13T10:56:47","date_gmt":"2021-01-13T02:56:47","guid":{"rendered":"https:\/\/www.ssle.cn\/help\/?p=55"},"modified":"2022-01-13T12:51:11","modified_gmt":"2022-01-13T04:51:11","slug":"openssl-sheng-cheng-csr-ecc","status":"publish","type":"post","link":"https:\/\/ssle.cn\/help\/openssl-sheng-cheng-csr-ecc\/","title":{"rendered":"OpenSSL\u751f\u6210CSR &#8211; ECC"},"content":{"rendered":"<p>Linux\u7cfb\u7edf\u4e00\u822c\u9ed8\u8ba4\u81ea\u5e26openssl\uff0c\u5982\u679c\u6ca1\u6709\u5219\u9700\u8981\u5b89\u88c5 CentOS \u00a0<code>yum install openssl<\/code>\u00a0Debian\/Ubuntu\u00a0<code>sudo apt-get install openssl<\/code><\/p>\n<p>Windows\u7528\u6237\u9700\u8981\u4e0b\u8f7dopenssl\u8f6f\u4ef6<\/p>\n<p><strong>\u751f\u6210CSR\u547d\u4ee4<\/strong><\/p>\n<pre class=\" language-bash\"><code class=\" language-bash\">openssl ecparam -out server.key -name prime256v1 -genkey\r\nopenssl req -new -key server.key -out server.csr <\/code><\/pre>\n<div class=\"panel panel-default\">\n<div>\n<p><strong>\u8fd0\u884c\u4e0a\u9762\u7684\u547d\u4ee4\u9700\u8981\u586b\u5199\u7533\u8bf7\u8005\u4fe1\u606f<\/strong><\/p>\n<\/div>\n<pre>Country Name (2 letter code) [AU]:CN  \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0#\u56fd\u5bb6 2\u4e2a\u5b57\u6bcd\u7684\u7f29\u5199\uff08CN \u4e2d\u56fd \u00a0AU \u6fb3\u6d32\uff09\r\nState or Province Name (full name) [Some-State]:Zhejiang  \u00a0 \u00a0#\u7701\u4efd\r\nLocality Name (eg, city) []:Jiaxing  \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 #\u57ce\u5e02\r\nOrganization Name (eg, company) [Internet Widgits Pty Ltd]:SSLE  #\u516c\u53f8\u540d\u79f0\r\nOrganizational Unit Name (eg, section) []:IT Dept.  \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0#\u90e8\u95e8\r\nCommon Name (e.g. server FQDN or YOUR name) []:www.yourdomain.com #\u7533\u8bf7SSL\u7684\u57df\u540d\r\nEmail Address []:demo@ssle.cn  \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0#Email\u5730\u5740 \u586b\u5199\u4efb\u610f\u53ef\u7528\u7684\u90ae\u7bb1<\/pre>\n<\/div>\n<p>\u7533\u8bf7\u5b8c\u6210\u540e\u4f1a\u5728\u5f53\u524d\u76ee\u5f55\u751f\u62102\u4e2a\u6587\u4ef6<code>\u00a0server.csr[CSR\u6587\u4ef6]<\/code>\u548c\u00a0server.key[\u79c1\u94a5]\u00a0,\u8bf7\u52a1\u5fc5\u4fdd\u5b58\u597d\u8fd92\u4e2a\u6587\u4ef6\uff0c\u5426\u5219\u8bc1\u4e66\u65e0\u6cd5\u5b89\u88c5\u3002<\/p>\n<p><strong>\u4ee5\u4e0b\u662f\u5b8c\u6574\u7684\u751f\u6210\u8fc7\u7a0b<\/strong><\/p>\n<pre>[root@iZ289qba919Z csr]#\u00a0<span style=\"color: #008000;\"><strong>openssl ecparam -out server.key -name prime256v1 -genkey<\/strong><\/span>\r\n[root@iZ289qba919Z csr]#\u00a0<strong><span style=\"color: #008000;\">openssl req -new -key server.key -out server.csr<\/span><\/strong>\r\nGenerating a 2048 bit RSA private key\r\n..................+++\r\n...............+++\r\nwriting new private key to 'server.key'\r\n-----\r\nYou are about to be asked to enter information that will be incorporated\r\ninto your certificate request.\r\nWhat you are about to enter is what is called a Distinguished Name or a DN.\r\nThere are quite a few fields but you can leave some blank\r\nFor some fields there will be a default value,\r\nIf you enter '.', the field will be left blank.\r\n-----\r\n<span style=\"color: #ff0000;\"><strong>Country Name (2 letter code) [AU]:CN<\/strong><\/span>\r\n<span style=\"color: #ff0000;\"><strong>State or Province Name (full name) [Some-State]:Zhejiang<\/strong><\/span>\r\n<span style=\"color: #ff0000;\"><strong>Locality Name (eg, city) []:Jiaxing<\/strong><\/span>\r\n<span style=\"color: #ff0000;\"><strong>Organization Name (eg, company) [Internet Widgits Pty Ltd]:SSLE<\/strong><\/span>\r\n<span style=\"color: #ff0000;\"><strong>Organizational Unit Name (eg, section) []:IT Dept.<\/strong><\/span>\r\n<span style=\"color: #ff0000;\"><strong>Common Name (e.g. server FQDN or YOUR name) []:www.yourdomain.com<\/strong><\/span>\r\n<span style=\"color: #ff0000;\"><strong>Email Address []:demo@ssle.cn<\/strong><\/span>\r\nPlease enter the following 'extra' attributes\r\nto be sent with your certificate request\r\nA challenge password []:\r\nAn optional company name []:\r\n[root@iZ289qba919Z csr]# ls\r\n<span style=\"color: #008000;\">server.csr \u00a0server.key<\/span><\/pre>\n","protected":false},"excerpt":{"rendered":"<p>Linux\u7cfb\u7edf\u4e00\u822c\u9ed8\u8ba4\u81ea\u5e26openssl\uff0c\u5982\u679c\u6ca1\u6709\u5219\u9700\u8981\u5b89\u88c5 CentOS \u00a0yum install openssl\u00a0Debian\/Ubuntu\u00a0sudo apt-get install openssl Windows\u7528\u6237\u9700\u8981\u4e0b\u8f7dopenssl\u8f6f\u4ef6 \u751f\u6210CSR\u547d\u4ee4 openssl ecparam -out server. &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[10],"tags":[],"class_list":["post-55","post","type-post","status-publish","format-standard","hentry","category-sheng-cheng-csr"],"_links":{"self":[{"href":"https:\/\/ssle.cn\/help\/wp-json\/wp\/v2\/posts\/55","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ssle.cn\/help\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ssle.cn\/help\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ssle.cn\/help\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/ssle.cn\/help\/wp-json\/wp\/v2\/comments?post=55"}],"version-history":[{"count":0,"href":"https:\/\/ssle.cn\/help\/wp-json\/wp\/v2\/posts\/55\/revisions"}],"wp:attachment":[{"href":"https:\/\/ssle.cn\/help\/wp-json\/wp\/v2\/media?parent=55"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ssle.cn\/help\/wp-json\/wp\/v2\/categories?post=55"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ssle.cn\/help\/wp-json\/wp\/v2\/tags?post=55"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}