我正在尝试创建一个自签名的SSL证书,当我去生成SSL证书时,我收到以下错误:
配置文件"v3.ext"第 1 行出现错误
我用于生成证书的命令是:
openssl x509 -req -sha256 -extfile v3.ext -days 365 -in server.csr -signkey server.key -out server.crt
我的v3.ext文件如下:
$ cat v3.ext
authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
subjectAltName = @alt_names
[alt_names]
DNS.1 = <common_name>
$
所以我想我的问题是我的 v3.ext 有什么问题。我遵循的指南在这里: https://ksearch.wordpress.com/2017/08/22/generate-and-import-a-self-signed-ssl-certificate-on-mac-osx-sierra/
从 ext 文件中删除前导 BOM。 您可以使用记事本++将编码更改为UTF-8,并在没有BOM的情况下保存。
你的 conf 文件对我来说看起来很奇怪。我一直用于自签名或 pki 签名证书的格式如下:
[ req ]
default_bits = 4096
distinguished_name = req_distinguished_name
req_extensions = req_ext
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = GB
stateOrProvinceName = State or Province Name (full name)
stateOrProvinceName_default = England
localityName = Locality Name (eg, city)
localityName_default = Brighton
organizationName = Organization Name (eg, company)
organizationName_default = Hallmarkdesign
commonName = Common Name (e.g. server FQDN or YOUR name)
commonName_max = 64
commonName_default = localhost
[ req_ext ]
subjectAltName = @alt_names
[alt_names]
DNS.1 = your-website.dev
DNS.2 = another-website.dev