728x90
### HARBOR 구성
cat << EOF | tee rootca_openssl.conf
extensions = v3_ca
[ req ]
default_bits = 2048
default_md = sha1
default_keyfile = lesstif-rootca.key
prompt = no
distinguished_name = dn-param
[dn-param]
CN=*.vcf.local
OU=ob
O=ob
L=seoul
C=kr
[ v3_ca ]
# Extensions to add to a certificate request
basicConstraints = CA:FALSE
authorityKeyIdentifier = keyid,issuer
subjectKeyIdentifier = hash
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
extendedKeyUsage = serverAuth,clientAuth
subjectAltName = @alt_names
[ alt_names]
DNS.1 = *.vcf.local
IP.1 = 10.253.108.10
#DNS.2 = lesstif.com
#DNS.3 = *.lesstif.com
[policy]
EOFopenssl genrsa -aes256 -passout pass:'P@ssw0rd' -out lesstif-rootca.key 2048
cp lesstif-rootca.key lesstif-rootca.key.enc
openssl rsa -in lesstif-rootca.key.enc -passin pass:'P@ssw0rd' -out lesstif-rootca.key
openssl req -config rootca_openssl.conf -new -key lesstif-rootca.key -passin pass:'P@ssw0rd' -out lesstif-rootca.csr
openssl x509 -req -days 3650 -extensions v3_ca -set_serial 1 -in lesstif-rootca.csr -signkey lesstif-rootca.key -passin pass:'Openbase!234' -out lesstif-rootca.crt -extfile rootca_openssl.conf
openssl x509 -text -in lesstif-rootca.crt
openssl x509 -inform PEM -in lesstif-rootca.crt -out lesstif-rootca.cert반응형
'LINUX > UBUNTU' 카테고리의 다른 글
| (DK) UBUNTU IP 설정 (0) | 2021.06.15 |
|---|---|
| (DK) 우분투 DNS NAME 변경 불가 (0) | 2021.06.15 |
| (DK) UBUNTU Interface unrecognizable (0) | 2021.06.11 |
| (DK) UBUNTU 커널 변경 (0) | 2021.06.11 |
| (DK) UBUNTU kernal delete (0) | 2021.06.11 |
