Hypertext Transfer Protocol Secure (HTTPS) is an extension of the Hypertext Transfer Protocol (HTTP). The protocol is therefore also referred to as HTTP over TLS, or HTTP over SSL.
Generate Private key (key) and Certificate
openssl genrsa 2048 > host.key chmod 400 host.key openssl req -new -x509 -nodes -sha256 -days 365 -key host.key -out host.crt
分析 curl 執行時到底使用了哪一個 ca-certificates.crt 檔
$ strace curl https://localhost:5001 2>&1 | grep ca-certificates.crt openat(AT_FDCWD, "/etc/ssl/certs/ca-certificates.crt", O_RDONLY) = 6
將剛剛產生的 host.crt 內容拷貝到/etc/ssl/certs/ca-certificates.crt的最下方
cat /path/host.crt >> /etc/ssl/certs/ca-certificates.crt
ref:
1. What is .crt and .key files and how to generate them?
2. What is the difference between .pem, .csr, .key and .crt and other such file extensions?
3. 如何讓 cURL 可以連接自簽憑證提供的 TLS/SSL 加密連線網站
4. 認識 PKI 架構下的數位憑證格式與憑證格式轉換的心得分享
沒有留言:
張貼留言