openssl:在';政策';配置
我想为本地开发服务器提供一个自签名SSL证书。我遵循了上的指南,在最后一步中,您通过发出以下命令来发出对证书进行签名的命令:openssl:在';政策';配置,ssl,certificate,self-signed,Ssl,Certificate,Self Signed,我想为本地开发服务器提供一个自签名SSL证书。我遵循了上的指南,在最后一步中,您通过发出以下命令来发出对证书进行签名的命令: openssl ca -in tempreq.pem -out server_crt.pem 我得到以下错误:(最后一行) 我能做些什么来解决它?作为背景,我的服务器没有域名,所以我只是使用localhost作为commanName。这就是问题所在吗 谢谢你的帮助 将策略从/etc/ssl/openssl.cnf复制到配置文件中 从头重新生成所有文件 政策部分如下所示:
openssl ca -in tempreq.pem -out server_crt.pem
我得到以下错误:(最后一行)
我能做些什么来解决它?作为背景,我的服务器没有域名,所以我只是使用localhost作为commanName。这就是问题所在吗
谢谢你的帮助
Using configuration from /home/user_name/.ssl/caconfig.cnf
Enter pass phrase for /home/user_name/.ssl/private/cakey.pem:
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
commonName :PRINTABLE:'localhost'
stateOrProvinceName :PRINTABLE:'AA'
countryName :PRINTABLE:'ET'
emailAddress :IA5STRING:'user@example.com'
organizationName :PRINTABLE:'Example Inc'
organizationalUnitName:PRINTABLE:'Development'
localhost:invalid type in 'policy' configuration
policy = policy_match
# For the CA policy
[ policy_match ]
countryName = match
stateOrProvinceName = match
organizationName = match
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
# For the 'anything' policy
# At this point in time, you must list all acceptable 'object'
# types.
[ policy_anything ]
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
emailAddress = optional