zoukankan      html  css  js  c++  java
  • workspaces only allow trusted client with self-signed cert

    1. 生成CA

    openssl genrsa -out CA_neonone.com.key 2048
    openssl req -x509 -new -nodes -key CA_neonone.com.key -sha256 -days 1024 -out CA_neonone.com.pem
    

     

     2. 生成csr

    openssl genrsa -out neonone.com.key 2048
    openssl req -new -key neonone.com.key -out neonone.com.csr
    

     

     3. 新建v3.ext文件

    authorityKeyIdentifier=keyid,issuer
    extendedKeyUsage = serverAuth, clientAuth, codeSigning, emailProtection
    basicConstraints=CA:FALSE
    keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
    

    4. 生成证书

     openssl x509 -req -in neonone.com.csr -CA CA_neonone.com.pem -CAkey CA_neonone.com.key -CAcreateserial -out neonone.com.pem -days 365 -sha256 -extfile v3.ext
    

    5. 转换成pfx

    openssl pkcs12 -inkey neonone.com.key  -in neonone.com.pem  -export -out neonone.com.pfx
    

    6. 导入win7

    运行 Certmgr.msc

      6.1 导入根证书

      

       6.2 导入客户端证书

      

     7. 上传根证书到aws workspace ad

     

  • 相关阅读:
    文件输出debug
    sweetalert
    js认清this的第一步
    Creating default object from empty value in PHP?
    matplotlib画图
    python解析库
    zabbix监控ssl证书过期时间
    aws 预留实例到期监控
    aws ec2挂载 s3
    aliyun挂载oss
  • 原文地址:https://www.cnblogs.com/divl/p/11937276.html
Copyright © 2011-2022 走看看