VMware/vRealize

(DK) Changing the LIFECYCLE MANAGER and vRealize Certificates


cat << EOF > host_openssl.conf
extensions              = v3_user

[ req ]
default_bits            = 2048
default_md              = sha256
default_keyfile         = lesstif-rootca.key
prompt = no
distinguished_name = dn-param


[dn-param]
CN=*.openbase.local
OU=ob
O=ob
L=seoul
C=kr

[ v3_user ]
# Extensions to add to a certificate request
basicConstraints = CA:FALSE
authorityKeyIdentifier = keyid,issuer
subjectKeyIdentifier = hash
keyUsage = nonRepudiation, digitalSignature, keyEncipherment

extendedKeyUsage = serverAuth,clientAuth
subjectAltName          = @alt_names
[ alt_names]
DNS.1   = *.openbase.local
IP.1 = 10.253.100.23
IP.2 = 10.253.100.24
#DNS.2   = lesstif.com
#DNS.3   = *.lesstif.com

[policy]

EOF

Run the following:

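# Generate a passphrase-protected 2048-bit RSA key
openssl genrsa -aes256 -passout pass:'Passw0rd' -out lesstif.com.key 2048

# Keep the encrypted key as lesstif.com.key.enc and write the decrypted key to lesstif.com.key
cp  lesstif.com.key lesstif.com.key.enc
openssl rsa -in lesstif.com.key.enc  -passin pass:'Passw0rd'  -out lesstif.com.key

# Create the CSR from the [ req ] settings in host_openssl.conf
openssl req -new  -key lesstif.com.key  -passin pass:'Passw0rd' -out lesstif.com.csr -config host_openssl.conf

# Sign the CSR with the vLCM certificate and key, applying the v3_user extensions (SAN included)
openssl x509 -req -sha256 -days 3650 -extensions v3_user -in lesstif.com.csr -CA /opt/vmware/vlcm/cert/server.crt -CAcreateserial -CAkey /opt/vmware/vlcm/cert/server.key  -out lesstif.com.crt  -extfile host_openssl.conf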

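# Inspect the issued certificate (issuer, validity, SAN entries)
openssl x509 -text -in lesstif.com.crt

# Print the PEM files (the /var/tmp paths assume the steps above were run there)
cat /var/tmp/lesstif.com.crt

# lesstif.com.key and server.key are unencrypted private keys
cat /var/tmp/lesstif.com.key

cat /opt/vmware/vlcm/cert/server.crt

cat /opt/vmware/vlcm/cert/server.key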

Paste these values into a file and save it as ca.crt, import it into vRLCM as a certificate, and then change the certificate of each product.
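
As an added example (not part of the original post), the checks below can be run before the import to confirm that the issued certificate chains to the signing CA, matches its private key, is not SHA-1 signed, and carries the expected SAN entries. It builds a throwaway CA as a constructed stand-in for the vLCM server.crt and server.key; make_fixture and check_cert are hypothetical names.

```sh
#!/bin/sh
# Added example; the CA below is a throwaway, constructed stand-in for
# /opt/vmware/vlcm/cert/server.crt and server.key. Function names are hypothetical.
make_fixture() {    # $1 = empty work directory
    cat > "$1/conf" <<'EOF'
[ req ]
prompt = no
distinguished_name = dn
[ dn ]
CN = *.openbase.local
[ v3_ca ]
basicConstraints = critical,CA:TRUE
[ v3_user ]
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
extendedKeyUsage = serverAuth,clientAuth
subjectAltName = DNS:*.openbase.local, IP:10.253.100.23, IP:10.253.100.24
EOF
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -config "$1/conf" \
        -subj "/CN=constructed-test-CA" -extensions v3_ca \
        -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null &&
    openssl req -new -newkey rsa:2048 -nodes -config "$1/conf" \
        -keyout "$1/host.key" -out "$1/host.csr" 2>/dev/null &&
    openssl x509 -req -sha256 -days 1 -in "$1/host.csr" -CA "$1/ca.crt" \
        -CAkey "$1/ca.key" -CAcreateserial -extfile "$1/conf" \
        -extensions v3_user -out "$1/host.crt" 2>/dev/null
}

# check_cert CERT KEY CA SAN...  prints "ok" or the first failed check
check_cert() {
    crt=$1 key=$2 ca=$3; shift 3
    openssl verify -CAfile "$ca" "$crt" >/dev/null 2>&1 ||
        { echo "not signed by CA"; return 1; }
    [ "$(openssl x509 -in "$crt" -noout -pubkey)" = \
      "$(openssl pkey -in "$key" -pubout 2>/dev/null)" ] ||
        { echo "key does not match certificate"; return 1; }
    text=$(openssl x509 -in "$crt" -noout -text)
    if printf '%s\n' "$text" | grep -qi 'Signature Algorithm: sha1'; then
        echo "SHA-1 signature"; return 1
    fi
    for san in "$@"; do
        printf '%s\n' "$text" | grep -qF -- "$san" ||
            { echo "missing SAN $san"; return 1; }
    done
    echo ok
}

work=$(mktemp -d) && make_fixture "$work" &&
check_cert "$work/host.crt" "$work/host.key" "$work/ca.crt" \
    'DNS:*.openbase.local' 'IP Address:10.253.100.23' 'IP Address:10.253.100.24'
```

Against the real files, call check_cert with lesstif.com.crt, lesstif.com.key and /opt/vmware/vlcm/cert/server.crt in place of the fixture paths.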
