2021-07-17

windows 本地配置https

How to Get HTTPS Working in Windows 10 Localhost Dev Environment

https://zeropointdevelopment.com/how-to-get-https-working-in-windows-10-localhost-dev-environment/

OpenSSL> genrsa -des3 -out rootCA.key 2048
Generating RSA private key, 2048 bit long modulus (2 primes)
……………………………+++++
………..+++++
e is 65537 (0x010001)
Enter pass phrase for rootCA.key:
Verifying – Enter pass phrase for rootCA.key:
OpenSSL> req -x509 -new -nodes -key rootCA.key -sha256 -days 1024 -out rootCA.pem
Enter pass phrase for rootCA.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,

If you enter ‘.’, the field will be left blank.

Country Name (2 letter code) [AU]:CN
State or Province Name (full name) [Some-State]:guangdong
Locality Name (eg, city) []:shenzhen
Organization Name (eg, company) [Internet Widgits Pty Ltd]:SuiBianTian
Organizational Unit Name (eg, section) []:xili
Common Name (e.g. server FQDN or YOUR name) []:ETHAN
Email Address []:ETHAN@qq.com
OpenSSL> req -new -sha256 -nodes -out client-1.local.csr -newkey rsa:2048 -keyout test.local.com.key -subj “/C=CN/ST=guangdong/L=shenzhen/O=xili/OU=ETHAN/CN=sslTest/emailAddress=hello@sslText.local”
problem creating object tsa_policy1=1.2.3.4.1
16176:error:08064066:object identifier routines:OBJ_create:oid exists:crypto\objects\obj_dat.c:698:
error in req
OpenSSL> req -new -sha256 -nodes -out client-1.local.csr -newkey rsa:2048 -keyout test.local.com.key -subj “/C=CN/ST=guangdong/L=shenzhen/O=xili/OU=ETHAN/CN=sslTest/emailAddress=hello@sslText.local”
problem creating object tsa_policy1=1.2.3.4.1
16176:error:08064066:object identifier routines:OBJ_create:oid exists:crypto\objects\obj_dat.c:698:
error in req
OpenSSL> #出错了 关闭掉窗口打开新窗口运行即可

OpenSSL> req -new -sha256 -nodes -out client-1.local.csr -newkey rsa:2048 -keyout test.local.com.key -subj “/C=CN/ST=guangdong/L=shenzhen/O=xili/OU=ETHAN/CN=sslTest/emailAddress=hello@sslText.local”
Generating a RSA private key
……………………………..+++++
…….+++++

writing new private key to ‘test.local.com.key’

OpenSSL> x509 -req -in client-1.local.csr -CA rootCA.pem -CAkey rootCA.key -CAcreateserial -out test.local.com.crt -days 500 -sha256 -extensions “authorityKeyIdentifier=keyid,issuer\n basicConstraints=CA:FALSE\n keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment\n subjectAltName=DNS:test.local.com”
Signature ok
subject=C = CN, ST = guangdong, L = shenzhen, O = xili, OU = ETHAN, CN = sslTest, emailAddress = hello@sslText.local
Getting CA Private Key
Enter pass phrase for rootCA.key:
OpenSSL>

发表回复

Your email address will not be published. Required fields are marked *