Microsoft Windows [版本 10.0.18363.959] (c) 2019 Microsoft Corporation。保留所有权利。 C:\WINDOWS\system32>cd d:\app\nginx C:\WINDOWS\system32>d: d:\app\nginx>dir 驱动器 D 中的卷是 work 卷的序列号是 3C5D-459F d:\app\nginx 的目录 2020-03-05 22:23 <DIR> . 2020-03-05 22:23 <DIR> .. 2018-05-05 12:43 <DIR> conf 2018-03-02 09:25 <DIR> contrib 2018-03-02 09:25 <DIR> docs 2020-08-02 20:00 <DIR> html 2020-08-01 17:46 <DIR> logs 2018-11-12 10:26 360,960 nginx-service.exe 2019-07-29 11:33 518 nginx-service.xml 2017-04-12 18:05 3,060,224 nginx.exe 2018-12-10 14:41 <DIR> ssl 2019-07-29 11:39 288 start.bat 2020-08-03 19:37 <DIR> temp 4 个文件 3,421,990 字节 9 个目录 338,788,208,640 可用字节 d:\app\nginx>cd ssl d:\app\nginx\ssl>dir 驱动器 D 中的卷是 work 卷的序列号是 3C5D-459F d:\app\nginx\ssl 的目录 2018-12-10 14:41 <DIR> . 2018-12-10 14:41 <DIR> .. 2018-12-10 14:41 822 dogiant.crt 2018-12-10 14:40 639 dogiant.csr 2018-12-10 14:40 887 dogiant.key 2018-12-10 14:38 963 dogiant.key.copy 4 个文件 3,311 字节 2 个目录 338,788,208,640 可用字节 d:\app\nginx\ssl>del *.* d:\app\nginx\ssl\*.*, 是否确认(Y/N)? y d:\app\nginx\ssl>openssl genrsa -des3 -out server.key 2048 WARNING: can‘t open config file: /usr/local/ssl/openssl.cnf Generating RSA private key, 2048 bit long modulus ...+++++ ...+++++ e is 65537 (0x10001) Enter pass phrase for server.key: Verifying - Enter pass phrase for server.key: Verify failure User interface error 21244:error:0906906F:PEM routines:PEM_ASN1_write_bio:read key:.\crypto\pem\pem_lib.c:373: d:\app\nginx\ssl>dir 驱动器 D 中的卷是 work 卷的序列号是 3C5D-459F d:\app\nginx\ssl 的目录 2020-08-03 22:03 <DIR> . 2020-08-03 22:03 <DIR> .. 2020-08-03 22:03 0 server.key 1 个文件 0 字节 2 个目录 338,788,376,576 可用字节 d:\app\nginx\ssl>openssl genrsa -des3 -out server.key 2048 WARNING: can‘t open config file: /usr/local/ssl/openssl.cnf Generating RSA private key, 2048 bit long modulus .......................+++++ .......+++++ e is 65537 (0x10001) Enter pass phrase for server.key: Verifying - Enter pass phrase for server.key: d:\app\nginx\ssl>openssl req -new -key server.key -out server.csr WARNING: can‘t open config file: /usr/local/ssl/openssl.cnf Unable to load config info from /usr/local/ssl/openssl.cnf d:\app\nginx\ssl>dir 驱动器 D 中的卷是 work 卷的序列号是 3C5D-459F d:\app\nginx\ssl 的目录 2020-08-03 22:03 <DIR> . 2020-08-03 22:03 <DIR> .. 2020-08-03 22:05 1,743 server.key 1 个文件 1,743 字节 2 个目录 338,788,306,944 可用字节 d:\app\nginx\ssl>openssl req -new -key server.key -out server.csr WARNING: can‘t open config file: /usr/local/ssl/openssl.cnf Unable to load config info from /usr/local/ssl/openssl.cnf d:\app\nginx\ssl>show variables like ‘%ssl%‘; ‘show‘ 不是内部或外部命令,也不是可运行的程序 或批处理文件。 d:\app\nginx\ssl>openssl WARNING: can‘t open config file: /usr/local/ssl/openssl.cnf OpenSSL> exit d:\app\nginx\ssl>openssl WARNING: can‘t open config file: /usr/local/ssl/openssl.cnf OpenSSL> exit d:\app\nginx\ssl>set OPENSSL_CONF=openssl.cnf d:\app\nginx\ssl>openssl WARNING: can‘t open config file: openssl.cnf OpenSSL> exit d:\app\nginx\ssl>set OPENSSL_CONF=D:\app\nginx\conf\openssl.cnf d:\app\nginx\ssl>openssl WARNING: can‘t open config file: D:\app\nginx\conf\openssl.cnf OpenSSL> exit d:\app\nginx\ssl>set OPENSSL_CONF=D:\app\OpenSSL-Win64\bin\cnf\openssl.cnf d:\app\nginx\ssl>openssl OpenSSL> req -new -key server.key -out server.csr Enter pass phrase for server.key: You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter ‘.‘, the field will be left blank. ----- Country Name (2 letter code) [AU]:CN State or Province Name (full name) [Some-State]:JS Locality Name (eg, city) []:HN Organization Name (eg, company) [Internet Widgits Pty Ltd]:CSGET Organizational Unit Name (eg, section) []:COM Common Name (e.g. server FQDN or YOUR name) []:TEST.COM Email Address []:TEST@TEST.COM Please enter the following ‘extra‘ attributes to be sent with your certificate request A challenge password []:123456 An optional company name []: OpenSSL> rsa -in server.key -out server_no_passwd.key Enter pass phrase for server.key: unable to load Private Key 19852:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:.\crypto\evp\evp_enc.c:531: 19852:error:0906A065:PEM routines:PEM_do_header:bad decrypt:.\crypto\pem\pem_lib.c:476: error in rsa OpenSSL> rsa -in server.key -out server_no_passwd.key Enter pass phrase for server.key: writing RSA key OpenSSL> x509 -req -days 3650 -in server.csr -signkey server_no_passwd.key -out server.crt Signature ok subject=/C=CN/ST=JS/L=HN/O=CSGET/OU=COM/CN=TEST.COM/emailAddress=TEST@TEST.COM Getting Private key OpenSSL> rsa -in server.key -out server.unsecure 19852:error:06067099:digital envelope routines:EVP_PKEY_copy_parameters:different parameters:.\crypto\evp\p_lib.c:137: Enter pass phrase for server.key: writing RSA key OpenSSL>
原文:https://www.cnblogs.com/huiy/p/13432123.html