From 025544449a9b21df37d45e47beae64fc3ba61794 Mon Sep 17 00:00:00 2001 From: Yuxiang Zhang Date: Sat, 6 Apr 2019 10:56:38 +0800 Subject: [PATCH] remove section of certificate generation --- README.md | 57 ------------------------------------------------------- 1 file changed, 57 deletions(-) diff --git a/README.md b/README.md index 02df02a..90a77e0 100644 --- a/README.md +++ b/README.md @@ -50,63 +50,6 @@ PreSyncing Syncing Success +-----------------+ ``` -## Generate Self-Signed Certificate - -First, create root CA - -``` -openssl genrsa -out rootCA.key 2048 -openssl req -x509 -new -nodes -key rootCA.key -days 365 -out rootCA.crt -``` - -Create host key - -``` -openssl genrsa -out host.key 2048 -``` - -Now create CSR, before that, write a `req.cnf` - -``` -[req] -distinguished_name = req_distinguished_name -req_extensions = v3_req - -[req_distinguished_name] -countryName = Country Name (2 letter code) -countryName_default = CN -stateOrProvinceName = State or Province Name (full name) -stateOrProvinceName_default = BJ -localityName = Locality Name (eg, city) -localityName_default = Beijing -organizationalUnitName = Organizational Unit Name (eg, section) -organizationalUnitName_default = TUNA -commonName = Common Name (server FQDN or domain name) -commonName_default = -commonName_max = 64 - -[v3_req] -# Extensions to add to a certificate request -basicConstraints = CA:FALSE -keyUsage = nonRepudiation, digitalSignature, keyEncipherment -subjectAltName = @alt_names - -[alt_names] -DNS.1 = -DNS.2 = -``` - -Substitute `` with your server's FQDN, then run - -``` -openssl req -new -key host.key -out host.csr -config req.cnf -``` - -Finally generate and sign host cert with root CA - -``` -openssl x509 -req -in host.csr -CA rootCA.crt -CAkey rootCA.key -CAcreateserial -out host.crt -days 365 -extensions v3_req -extfile req.cnf -``` ## Building