对理解证书生成的整个过程有一定的帮助。
申请证书流程
1、产生私钥 server.key
2、产生 CSR 文件 server.csr(证书请求)
将server.csr发给证书签发商进行签名,价格参考如下:
SSL证书价格
原价 优惠价
3、提供商将以邮件的方式将服务器证书给用户,如:
-----BEGIN CERTIFICATE-----
ABCDEFGHIJKLMNOPQRSTUVWXYZDhVXMubIcy98iHIDANBgkqhkiG9w0BAQQFADCB
ujEfMB0GA1UEChMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazEXMBUGA1UECxMOVmVy
aVNpZ24sIEluYy4xMzAxBgNVBAsTKlZlcmlTaWduIEludGVybmF0aW9uYWwgU2Vy
dmVyIENBIC0gQ2xhc3MgMzFJMEcGA1UECxNAd3d3LnZlcmlzaWduLmNvbS9DUFMg
SW5jb3JwLmJ5IFJlZi4gTElBQklMSVRZIExURC4oYyk5NyBWZXJpU2lnbjAeFw0w
NDExMTgwMDAwMDBaFw0wNTExMTgyMzU5NTlaMGUxCzAJBgNVBAYTAkNOMRAwDgYD
VQQIEwdCZWlqaW5nMRAwDgYDVQQHFAdCZWlqaW5nMRQwEgYDVQQKFAtIdWFYaWEg
QmFuazEcMBoGA1UEAxQTd3d3Lmh1YS14aWFiYW5rLmNvbTCBnzANBgkqhkiG9w0B
AQEFAAOBjQAwgYkCgYEA38hgvsI4t0WZNX5VeGvk9IvmaZIZ6vIuKOhE6Q8FAiCx
2ArQ2YQsWKHc0f037Z0H8j1OLPDA9ScnaukUk09HDxmH+qs92mE5KwnAcinGHok4
i+P/aRWB4K/RCQKQhwROwszkaX0PiSMsVw/w91BmO9pslaZhjogq/UK31wx6Hn0C
AwEAAaOCAlswggJXMAkGA1UdEwQCMAAwggIfBgNVHQMEggIWMIICEjCCAg4wggIK
BgtghkgBhvhFAQcBATCCAfkWggGnVGhpcyBjZXJ0aWZpY2F0ZSBpbmNvcnBvcmF0
ZXMgYnkgcmVmZXJlbmNlLCBhbmQgaXRzIHVzZSBpcyBzdHJpY3RseSBzdWJqZWN0
IHRvLCB0aGUgVmVyaVNpZ24gQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1l
bnQgKENQUyksIGF2YWlsYWJsZSBhdDogaHR0cHM6Ly93d3cudmVyaXNpZ24uY29t
L0NQUzsgYnkgRS1tYWlsIGF0IENQUy1yZXF1ZXN0c0B2ZXJpc2lnbi5jb207IG9y
IGJ5IG1haWwgYXQgVmVyaVNpZ24sIEluYy4sIDI1OTMgQ29hc3QgQXZlLiwgTW91
bnRhaW4gVmlldywgQ0EgOTQwNDMgVVNBIFRlbC4gKzEgKDQxNSkgOTYxLTg4MzAg
Q29weXJpZ2h0IChjKSAxOTk2IFZlcmlTaWduLCBJbmMuICBBbGwgUmlnaHRzIFJl
c2VydmVkLiBDRVJUQUlOIFdBUlJBTlRJRVMgRElTQ0xBSU1FRCBhbmQgTElBQklM
SVRZIExJTUlURUQuoA4GDGCGSAGG+EUBBwEBAaEOBgxghkgBhvhFAQcBAQIwLDAq
FihodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcmVwb3NpdG9yeS9DUFMgMBEGCWCG
SAGG+EIBAQQEAwIGQDAUBgNVHSUEDTALBglghkgBhvhCBAEwDQYJKoZIhvcNAQEE
BQADgYEAlP8YbNqH5ud/Rj2925v7fFapR8cIbcKLhODGG1GyoVk88LRiFOKAggvt
WA8L7XIMkWuVrD1fBPn5vRmuv9deSA3fqJujdqoD4xNDfLjjS0khx2SoCqux0MHD
y1tpSKbhErzoGwClUTTbwZBnLQb4e8albF3s4GRdoXfLOEpl6Bs=
-----END CERTIFICATE-----
将证书文件中的内容(包括“-----BEGIN CERTIFICATE-----”和“-----END
CERTIFICATE-----”粘贴到记事本等文本编辑器中)保存为 server.crt (公钥)的文件。
4、下载中间级证书
如果您申请的是 VTN128 服务器证书,您需要安装中间级证书,以构成一个证
书链,使浏览器信任您的证书;否则无须安装,可直接进入下一步。点击下列
连接获得您的中间证书:
https://提供商URL/file获取串。
将中间级证书存成一个文本文件,命名为"intermediate.crt",将它存到第一
步中的相同目录下:/etc/ssl/crt/ 。
5、配置web server,以apache为例。
6.备份服务器证书
将server.key,server.crt文件备份
申请证书流程
1、产生私钥 server.key
2、产生 CSR 文件 server.csr(证书请求)
将server.csr发给证书签发商进行签名,价格参考如下:
SSL证书价格
原价 优惠价
引用
3、提供商将以邮件的方式将服务器证书给用户,如:
引用
-----BEGIN CERTIFICATE-----
ABCDEFGHIJKLMNOPQRSTUVWXYZDhVXMubIcy98iHIDANBgkqhkiG9w0BAQQFADCB
ujEfMB0GA1UEChMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazEXMBUGA1UECxMOVmVy
aVNpZ24sIEluYy4xMzAxBgNVBAsTKlZlcmlTaWduIEludGVybmF0aW9uYWwgU2Vy
dmVyIENBIC0gQ2xhc3MgMzFJMEcGA1UECxNAd3d3LnZlcmlzaWduLmNvbS9DUFMg
SW5jb3JwLmJ5IFJlZi4gTElBQklMSVRZIExURC4oYyk5NyBWZXJpU2lnbjAeFw0w
NDExMTgwMDAwMDBaFw0wNTExMTgyMzU5NTlaMGUxCzAJBgNVBAYTAkNOMRAwDgYD
VQQIEwdCZWlqaW5nMRAwDgYDVQQHFAdCZWlqaW5nMRQwEgYDVQQKFAtIdWFYaWEg
QmFuazEcMBoGA1UEAxQTd3d3Lmh1YS14aWFiYW5rLmNvbTCBnzANBgkqhkiG9w0B
AQEFAAOBjQAwgYkCgYEA38hgvsI4t0WZNX5VeGvk9IvmaZIZ6vIuKOhE6Q8FAiCx
2ArQ2YQsWKHc0f037Z0H8j1OLPDA9ScnaukUk09HDxmH+qs92mE5KwnAcinGHok4
i+P/aRWB4K/RCQKQhwROwszkaX0PiSMsVw/w91BmO9pslaZhjogq/UK31wx6Hn0C
AwEAAaOCAlswggJXMAkGA1UdEwQCMAAwggIfBgNVHQMEggIWMIICEjCCAg4wggIK
BgtghkgBhvhFAQcBATCCAfkWggGnVGhpcyBjZXJ0aWZpY2F0ZSBpbmNvcnBvcmF0
ZXMgYnkgcmVmZXJlbmNlLCBhbmQgaXRzIHVzZSBpcyBzdHJpY3RseSBzdWJqZWN0
IHRvLCB0aGUgVmVyaVNpZ24gQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1l
bnQgKENQUyksIGF2YWlsYWJsZSBhdDogaHR0cHM6Ly93d3cudmVyaXNpZ24uY29t
L0NQUzsgYnkgRS1tYWlsIGF0IENQUy1yZXF1ZXN0c0B2ZXJpc2lnbi5jb207IG9y
IGJ5IG1haWwgYXQgVmVyaVNpZ24sIEluYy4sIDI1OTMgQ29hc3QgQXZlLiwgTW91
bnRhaW4gVmlldywgQ0EgOTQwNDMgVVNBIFRlbC4gKzEgKDQxNSkgOTYxLTg4MzAg
Q29weXJpZ2h0IChjKSAxOTk2IFZlcmlTaWduLCBJbmMuICBBbGwgUmlnaHRzIFJl
c2VydmVkLiBDRVJUQUlOIFdBUlJBTlRJRVMgRElTQ0xBSU1FRCBhbmQgTElBQklM
SVRZIExJTUlURUQuoA4GDGCGSAGG+EUBBwEBAaEOBgxghkgBhvhFAQcBAQIwLDAq
FihodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcmVwb3NpdG9yeS9DUFMgMBEGCWCG
SAGG+EIBAQQEAwIGQDAUBgNVHSUEDTALBglghkgBhvhCBAEwDQYJKoZIhvcNAQEE
BQADgYEAlP8YbNqH5ud/Rj2925v7fFapR8cIbcKLhODGG1GyoVk88LRiFOKAggvt
WA8L7XIMkWuVrD1fBPn5vRmuv9deSA3fqJujdqoD4xNDfLjjS0khx2SoCqux0MHD
y1tpSKbhErzoGwClUTTbwZBnLQb4e8albF3s4GRdoXfLOEpl6Bs=
-----END CERTIFICATE-----
将证书文件中的内容(包括“-----BEGIN CERTIFICATE-----”和“-----END
CERTIFICATE-----”粘贴到记事本等文本编辑器中)保存为 server.crt (公钥)的文件。
4、下载中间级证书
如果您申请的是 VTN128 服务器证书,您需要安装中间级证书,以构成一个证
书链,使浏览器信任您的证书;否则无须安装,可直接进入下一步。点击下列
连接获得您的中间证书:
https://提供商URL/file获取串。
将中间级证书存成一个文本文件,命名为"intermediate.crt",将它存到第一
步中的相同目录下:/etc/ssl/crt/ 。
5、配置web server,以apache为例。
6.备份服务器证书
将server.key,server.crt文件备份
RSA算法简介
