CA

Certificate Authority.


创建自签名证书

1
2
3
4
5
$ openssl req  -newkey rsa:4096 -nodes -sha256 -keyout ca.key -x509 -days 365 -out ca.crt -subj "/C=CN/L=shanghai/O=lisea/CN=harbor-registry"

$ openssl req -newkey rsa:4096 -nodes -sha256 -keyout harbor.com.key -out server.csr -subj "/C=CN/L=shanghai/O=lisea/CN=harbor.com"

$ openssl x509 -req -days 365 -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out harbor.com.crt