linxu服务器配置本地免费ssl证书

Mark   in HangZhou

有时候在本地开发时候也需要配置ssl证书,这样保证和线上环境一样,更适合调试,所以本篇介绍如何配置本地免费ssl证书。

# 安装mkcert

# linux安装

mkcert (opens new window)是Google公司开发的一款小工具,用来自签本地证书。

  • 安装certutil
sudo apt install libnss3-tools
    -or-
sudo yum install nss-tools
    -or-
sudo pacman -S nss
    -or-
sudo zypper install mozilla-nss-tools
1
2
3
4
5
6
7

记得使用非root账号操作,否则报错!

/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install.sh)"
test -d ~/.linuxbrew && eval $(~/.linuxbrew/bin/brew shellenv)
test -d /home/linuxbrew/.linuxbrew && eval $(/home/linuxbrew/.linuxbrew/bin/brew shellenv)
test -r ~/.bash_profile && echo "eval \$($(brew --prefix)/bin/brew shellenv)" >>~/.bash_profile
echo "eval \$($(brew --prefix)/bin/brew shellenv)" >>~/.profile
1
2
3
4
5
  • 安装mkcert
brew install mkcert
1

# 签署证书

# root certbot
mkcert -install

# command
mkcert -key-file key.pem -cert-file cert.pem example.com *.example.com

# option
-cert-file FILE, -key-file FILE, -p12-file FILE
    Customize the output paths.

-client
    Generate a certificate for client authentication.

-ecdsa
    Generate a certificate with an ECDSA key.

-pkcs12
    Generate a ".p12" PKCS #12 file, also know as a ".pfx" file,
    containing certificate and key for legacy applications.

-csr CSR
    Generate a certificate based on the supplied CSR. Conflicts with
    all other flags and arguments except -install and -cert-file.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23

# 展示

linux ssl

版权声明:博客内容遵循 署名-非商业性使用-相同方式共享 4.0 国际 (CC BY-NC-SA 4.0) 协议

本文永久链接是:

如需转载,请注明《》转自,原作者

分享至:

  • qq
  • qq空间
  • 微博
  • 豆瓣
  • 贴吧
安装mkcert
linux安装
签署证书
展示
  • Copyright © 2017-2024 MarkGuan