遇到麻烦 - 其他一些相关的帖子,但没有那么具体。我正在尝试为开发机器静默生成证书。这些是我最初运行的命令,但被要求输入密码:
openssl genrsa -des3 -out server.key 1024
openssl req -new -key server.key -out server.csr
openssl x509 -req -days 1024 -in server.csr -signkey server.key -out server.crt
下面的第一个命令有效,但第二个命令不起作用。我看到了passin选项,但遇到了麻烦,因为我仍然被要求提供密码短语。
openssl genrsa -des3 -passout pass:$passphrase -out server.key 1024
openssl req -passout pass:$passphrase -new -key server.key -out server.csr
openssl x509 -req -days 1024 -in server.csr -signkey server.key -out server.crt
答案 0 :(得分:15)
$ openssl genrsa -out server.key 1024
$ touch openssl.cnf
$ cat >> openssl.cnf <<EOF
[ req ]
prompt = no
distinguished_name = req_distinguished_name
[ req_distinguished_name ]
C = GB
ST = Test State
L = Test Locality
O = Org Name
OU = Org Unit Name
CN = Common Name
emailAddress = test@email.com
EOF
$ openssl req -config openssl.cnf -new -key server.key -out server.csr
$ openssl x509 -req -days 1024 -in server.csr -signkey server.key -out server.crt
答案 1 :(得分:0)
Windows解决方案。使用以下命令创建批处理文件(start-https-server.bat):
@echo off
if not exist ".\openssl.cnf" (
@echo [ req ] > openssl.cnf
@echo prompt = no >> openssl.cnf
@echo distinguished_name = req_distinguished_name >> openssl.cnf
@echo [ req_distinguished_name ] >> openssl.cnf
@echo C = IE >> openssl.cnf
@echo ST = Test State >> openssl.cnf
@echo L = Test Locality >> openssl.cnf
@echo O = Org Name >> openssl.cnf
@echo OU = Org Unit Name >> openssl.cnf
@echo CN = Common Name >> openssl.cnf
@echo emailAddress = test@email.com >> openssl.cnf
openssl req -newkey rsa:2048 -new -nodes -keyout key.pem -out csr.pem -config openssl.cnf
openssl x509 -req -days 365 -in csr.pem -signkey key.pem -out cert.pem
)
将以下内容添加到批处理文件的末尾,以使用节点的http-server(https://www.npmjs.com/package/http-server)打开该站点。
http-server -S -o
警告:这只适合开发。