Linux openssl:OpenSSL命令

Linux openssl:OpenSSL命令:命令行工具。

Linux openssl:OpenSSL命令 功能描述

使用openssl命令可以实现OpenSSL加密功能。OpenSSL是一个加密工具包,可以实现安全套接字层(SSL v2/v3)和传输层安全性(TLS V1)的网络协议,以及它们需要的相关加密标准。

Linux openssl:OpenSSL命令 语法

openssl [命令] [命令选项] [命令参数]

Linux openssl:OpenSSL命令 示例

创建一个RSA私有密钥

[root@rhel ~]# openssl genrsa -des3-out /root/ca.key 1024
Generating RSA private key, 1024 bit long modulus
..............................................++++++
...............++++++
e is 65537 (0x10001)
Enter pass phrase for/root/ca.key:                            //输入密钥保护密码
Verifying-Enter pass phrase for/root/ca.key:                    //再次输入密钥保护密码

查看RSA私有密钥/root/ca.key的内容

[root@rhel ~]# openssl rsa -noout -text -in /root/ca.key
Enter pass phrase for/root/ca.key:                           //输入密钥保护密码
Private-Key: (1024 bit)
modulus:
  00:c7:f1:d9:b4:d6:58:2c:7a:36:d3:9b:c4:bf:4b:
  38:e3:5a:4d:4e:5f:51:6f:f3:dd:5d:3f:d0:ea:3d:
  96:62:8a:44:d0:e5:df:14:d4:2b:fb:1c:2a:a1:18:
  ad:2f:92:3a:ca:57:9a:c5:8e:2d:93:dc:a7:9e:e2:
  dd:ae:d8:6f:dd:50:55:50:27:83:b8:58:16:78:86:
  b1:91:b6:4e:ec:27:b3:c7:92:7f:6c:ab:4a:ec:2c:
  62:fa:9b:e6:6f:39:c0:0f:d8:5f:92:87:93:f1:72:
    da:77:e4:86:e2:6e:e7:81:ed:38:cc:1f:d2:5b:f1:
    b0:d9:43:4e:ff:9a:de:6c:43
publicExponent: 65537 (0x10001)
privateExponent:
    0e:17:8a:9b:87:3b:e1:ae:9f:6c:9c:9e:ea:48:97:
    f2:d6:2b:7a:a9:97:28:c7:cc:43:45:3b:29:37:3c:
    01:27:f3:9f:b1:83:de:88:f1:ac:9a:18:9b:10:0d:
    2c:bc:26:ae:9a:2c:0b:5e:70:f1:e9:ec:5a:73:6c:
    e2:64:d8:c5:65:59:a6:b1:68:5d:ca:7e:08:0f:94:
    09:d1:b2:f4:dd:a3:0c:7f:b1:6d:df:03:00:28:c0:
    50:70:ac:b4:38:ea:a9:83:28:7c:92:8a:88:51:e4:
    0a:e6:89:e3:2f:11:df:a7:49:03:16:7f:f4:cb:84:
    af:c7:95:56:35:3b:e7:71
prime1:
    00:f8:e6:ad:b4:59:20:b1:12:1b:c3:02:dd:e2:62:
    43:54:af:00:90:87:9d:29:ca:43:6b:85:e1:58:93:
    9b:e0:3b:48:14:ec:af:35:70:c4:d9:93:28:19:07:
    c3:81:79:9b:69:4a:55:e8:33:21:0c:12:30:5c:01:
    cc:66:c4:71:6b
prime2:
    00:cd:a5:b9:0f:2d:f6:52:ba:65:a7:5b:0b:f7:21:
    72:4f:72:d7:26:70:c4:ac:84:a3:e3:cf:3b:75:b1:
    fe:36:7f:61:68:1c:7f:80:85:56:24:89:7f:a5:fc:
    9d:4b:7a:b7:f3:76:2c:32:e8:98:17:b2:18:c9:c1:
    28:32:b5:ae:89
exponent1:
    40:56:00:18:59:e1:65:63:b4:e1:57:60:5b:1f:e3:
    1f:84:8c:b4:cf:19:04:b0:4f:74:ff:8a:1c:07:2b:
    87:6e:4b:57:7d:46:5c:9d:e5:84:07:d1:99:86:b4:
    36:47:64:b0:76:92:76:0e:a1:40:29:83:6e:84:d8:
    7c:c7:d2:39
exponent2:
    68:f8:b7:ff:0c:9a:18:de:76:b7:37:9d:62:f7:9a:
    ae:fd:52:df:97:5e:7d:25:73:b6:fc:78:40:7a:ab:
    e5:cb:9d:c0:14:13:ed:59:a2:80:22:03:9b:89:d8:
    0c:c8:46:8f:aa:f9:a2:be:e1:ab:ee:c8:02:6c:6b:
    85:7f:01:e9
coefficient:
    75:0e:21:c9:f0:8e:26:9f:c6:76:a2:4f:46:24:15:
    4a:dc:3a:95:d9:22:af:e0:ea:15:00:36:6d:44:10:
    1d:22:6b:f4:55:1b:17:cd:f4:be:46:f0:07:58:e7:
    14:33:17:a3:9d:0e:be:ab:5d:d6:39:ea:4d:8c:44:
e0:66:be:9a

使用RSA密钥创建一个自签名的CA证书

[root@rhel ~]# openssl req -new -x509-days 3650-key /root/ca.key -out /root/ca.crt
Enter pass phrase for/root/ca.key:                               //输入密钥保护密码
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name(2 letter code)[XX]:CN
State or Province Name(full name)[]:shanghai
Locality Name(eg, city)[Default City]:shanghai
Organization Name(eg, company)[Default Company Ltd]:sh
Organizational Unit Name(eg, section)[]:it
Common Name(eg, your name or your server's hostname)[]:rhel
Email Address[]:root@sh.com
赞(0)
未经允许不得转载:极客笔记 » Linux openssl:OpenSSL命令
分享到: 更多 (0)

评论 抢沙发

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址