CSRファイルの作成手順
cd /root
mkdir csr
cd csr
touch csr
openssl sha1 * > sha1.dat
ls
openssl genrsa -des3 -out server.key -rand sh1.dat 2048
Enter pass phrase for server.key:xxxxxxxxxx
Verifying - Enter pass phrase for server.key:xxxxxxxxxx
openssl req -new -key server.key -out CSRyyyymmdd.txt
Country Name (2 letter code) [XX]:JP
State or Province Name (full name) []:
Locality Name (eg, city) [Default City]:
Organization Name (eg, company) [Default Company Ltd]:test
Organizational Unit Name (eg, section) []:test
Common Name (eg, your name or your server's hostname) []:www.test.jp
Email Address []:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
openssl asn1parse -in CSRyyyymmdd.txt
PRINTABLESTRINGにするには、事前に/etc/pki/tsl/openssl.cnfで以下にする
vi /etc/pki/tsl/openssl.cnf
string_mask = utf8only
↓
string_mask = nombstr
:wq
service sshd restart