以 Windows 系統為例,開發環境已安裝 Git,直接使用 Git 的 OpenSSL,路徑 C:\Program Files\Git\usr\bin\openssl.exe
,版本 3.1.1
。
建立憑證
建立 test.conf
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
| [req] default_md = sha256 default_bits = 2048 distinguished_name = req_distinguished_name x509_extensions = v3_ca prompt = no
[req_distinguished_name] C = TW ST = Taiwan L = New Taipei O = Test Inc. OU = IT Department CN = localhost emailAddress = [email protected]
[v3_ca] subjectAltName = @subject_alt_names extendedKeyUsage = serverAuth
[subject_alt_names] DNS.1 = *.test.com
|
建立 .key
和 .crt
1
| "C:\Program Files\Git\usr\bin\openssl.exe" req -x509 -new -newkey rsa -noenc -utf8 -days 30 -keyout C:\Projects\Certificates\test.key -out C:\Projects\Certificates\test.crt -config C:\Projects\Certificates\test.conf
|
建立 .pfx
1
| "C:\Program Files\Git\usr\bin\openssl.exe" pkcs12 -export -in C:\Projects\Certificates\test.crt -inkey C:\Projects\Certificates\test.key -out C:\Projects\Certificates\test.pfx -name "Test Certificate"
|
OpenSSL