{"id":1961,"date":"2012-09-05T13:53:21","date_gmt":"2012-09-05T13:53:21","guid":{"rendered":"http:\/\/mooa.net\/ap\/?p=1961"},"modified":"2012-09-05T13:53:21","modified_gmt":"2012-09-05T13:53:21","slug":"openssl-%ec%82%ac%ec%9a%a9%ed%95%98%ea%b8%b0","status":"publish","type":"post","link":"https:\/\/mooa.net\/ap\/1961","title":{"rendered":"OpenSSL \uc0ac\uc6a9\ud558\uae30"},"content":{"rendered":"<p class=\"p2\">&nbsp;<\/p>\n<p class=\"p1\"><em><strong><span style=\"font-size: medium;\">1. \uac1c\uc778\ud0a4\uc0dd\uc131<\/span><\/strong><\/em><\/p>\n<p class=\"p1\">&nbsp;1) 3DES \ub85c \uc554\ud638\ud654<\/p>\n<p class=\"p1\">&nbsp; &nbsp; openssl genrsa -des3 -out <span style=\"background-color: #99ccff;\"><em>KEYNAME<\/em><\/span>.key 1024<\/p>\n<blockquote>\n<p class=\"p1\">[root@domU-12-31-39-14-F9-A2 bin]# openssl genrsa -des3 -out mykey.key 1024<\/p>\n<p class=\"p1\">Generating RSA private key, 1024 bit long modulus<\/p>\n<p class=\"p1\">&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;++++++<\/p>\n<p class=\"p1\">&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;..++++++<\/p>\n<p class=\"p1\">e is 65537 (0x10001)<\/p>\n<p class=\"p1\">Enter pass phrase for mykey.key:<\/p>\n<p class=\"p1\">Verifying &#8211; Enter pass phrase for mykey.key:<\/p>\n<\/blockquote>\n<p class=\"p1\">&nbsp;<\/p>\n<p class=\"p1\">&nbsp;<\/p>\n<p class=\"p1\">&nbsp;2) \uc554\ud638\ud654 \ud558\uc9c0 \uc54a\uc74c<\/p>\n<p class=\"p1\">&nbsp; &nbsp; openssl genrsa -out&nbsp;<span style=\"background-color: #99ccff;\"><em>KEYNAME<\/em><\/span>.key 1024<\/p>\n<blockquote>\n<p class=\"p2\">[root@domU-12-31-39-14-F9-A2 bin]# openssl genrsa -out test.key 1024<\/p>\n<p class=\"p2\">Generating RSA private key, 1024 bit long modulus<\/p>\n<p class=\"p2\">&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;++++++<\/p>\n<p class=\"p2\">&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;..++++++<\/p>\n<p class=\"p2\">e is 65537 (0x10001)<\/p>\n<\/blockquote>\n<p class=\"p2\">&nbsp;<\/p>\n<p class=\"p2\">&nbsp;<\/p>\n<p class=\"p1\">&nbsp;3) \uae30\uc874 \ube44\ubc00\ud0a4\uc5d0 \ud328\uc2a4\uc6cc\ub4dc \ucd94\uac00<\/p>\n<p class=\"p1\">&nbsp; &nbsp; openssl rsa -in <span style=\"background-color: #99ccff;\"><em>KEYNAME<\/em><\/span>.key -des3 -out <span style=\"background-color: #99ccff;\"><em>NEW_KEYNAME<\/em><\/span>.key<\/p>\n<blockquote>\n<p class=\"p2\">[root@domU-12-31-39-14-F9-A2 bin]# openssl rsa -in mykey.key -des3 -out newmykey.key<\/p>\n<p class=\"p2\">Enter pass phrase for mykey.key:<\/p>\n<p class=\"p2\">writing RSA key<\/p>\n<p class=\"p2\">Enter PEM pass phrase:<\/p>\n<p class=\"p2\">Verifying &#8211; Enter PEM pass phrase:<\/p>\n<\/blockquote>\n<p class=\"p2\">&nbsp;<\/p>\n<p class=\"p2\">&nbsp;<\/p>\n<p class=\"p1\">&nbsp;4) \uae30\uc874 \ube44\ubc00\ud0a4\uc5d0 \ud328\uc2a4\uc6cc\ub4dc \uc81c\uac70<\/p>\n<p class=\"p1\">&nbsp; &nbsp; openssl rsa -in <span style=\"background-color: #99ccff;\"><em>KEYNAME<\/em><\/span>.key -out <span style=\"background-color: #99ccff;\"><em>NEW_KEYNAME<\/em><\/span>.key<\/p>\n<blockquote>\n<p class=\"p2\">[root@domU-12-31-39-14-F9-A2 bin]# openssl rsa -in mykey.key -out nopassmykey.key<\/p>\n<p class=\"p2\">Enter pass phrase for mykey.key:<\/p>\n<p class=\"p2\">writing RSA key<\/p>\n<\/blockquote>\n<p class=\"p2\">&nbsp;<\/p>\n<p class=\"p1\">&nbsp;<\/p>\n<p class=\"p1\">&nbsp;<\/p>\n<p class=\"p1\"><span style=\"font-size: medium;\"><strong>2. CSR\uc0dd\uc131 (\uc778\uc99d\uc11c \uc11c\uba85 \uc694\uccad)<\/strong><\/span><\/p>\n<p class=\"p1\">&nbsp; openssl req -new -key&nbsp;<span style=\"background-color: #99ccff;\"><em>KEYNAME<\/em><\/span>.key -out <span style=\"background-color: #99ccff;\"><em>CSRNAME<\/em><\/span>.csr<\/p>\n<p class=\"p2\">&nbsp;<\/p>\n<blockquote>\n<p class=\"p2\">[root@domU-12-31-39-14-F9-A2 bin]# openssl req -new -key mykey.key -out mycsr.csr<\/p>\n<p class=\"p2\">Enter pass phrase for mykey.key:<\/p>\n<p class=\"p2\">You are about to be asked to enter information that will be incorporated<\/p>\n<p class=\"p2\">into your certificate request.<\/p>\n<p class=\"p2\">What you are about to enter is what is called a Distinguished Name or a DN.<\/p>\n<p class=\"p2\">There are quite a few fields but you can leave some blank<\/p>\n<p class=\"p2\">For some fields there will be a default value,<\/p>\n<p class=\"p2\">If you enter &#8216;.&#8217;, the field will be left blank.<\/p>\n<p class=\"p2\">&#8212;&#8211;<\/p>\n<p class=\"p2\">Country Name (2 letter code) [XX]:xx<\/p>\n<p class=\"p2\">State or Province Name (full name) []:Seoul<\/p>\n<p class=\"p2\">Locality Name (eg, city) [Default City]:Seoul<\/p>\n<p class=\"p2\">Organization Name (eg, company) [Default Company Ltd]:Test company<\/p>\n<p class=\"p2\">Organizational Unit Name (eg, section) []:Test Service<\/p>\n<p class=\"p2\">Common Name (eg, your name or your server&#8217;s hostname) []:Test Server<\/p>\n<p class=\"p2\">Email Address []:eunsung.lim@gmail.com<\/p>\n<p class=\"p2\">&nbsp;<\/p>\n<p class=\"p2\">Please enter the following &#8216;extra&#8217; attributes<\/p>\n<p class=\"p2\">to be sent with your certificate request<\/p>\n<p class=\"p2\">A challenge password []:color<\/p>\n<p class=\"p2\">An optional company name []:Test Company<\/p>\n<\/blockquote>\n<p class=\"p2\">&nbsp;<\/p>\n<p class=\"p2\">&nbsp;<\/p>\n<p class=\"p1\"><span style=\"font-size: medium;\"><strong>3. \uc790\uccb4 \uc11c\uba85 \uc778\uc99d\uc11c \uc0dd\uc131\ud558\uae30<\/strong><\/span><\/p>\n<p class=\"p1\">&nbsp; openssl req -new -key <span style=\"background-color: #99ccff;\"><em>KEYNAME<\/em><\/span>.key -x509 -out <span style=\"background-color: #99ccff;\"><em>CERT_NAME<\/em><\/span>.crt<\/p>\n<blockquote>\n<p class=\"p1\">[root@domU-12-31-39-14-F9-A2 bin]# openssl req -new -key mykey.key -x509 -out server.crt<\/p>\n<p class=\"p1\">Enter pass phrase for mykey.key:<\/p>\n<p class=\"p1\">You are about to be asked to enter information that will be incorporated<\/p>\n<p class=\"p1\">into your certificate request.<\/p>\n<p class=\"p1\">What you are about to enter is what is called a Distinguished Name or a DN.<\/p>\n<p class=\"p1\">There are quite a few fields but you can leave some blank<\/p>\n<p class=\"p1\">For some fields there will be a default value,<\/p>\n<p class=\"p1\">If you enter &#8216;.&#8217;, the field will be left blank.<\/p>\n<p class=\"p1\">&#8212;&#8211;<\/p>\n<p class=\"p1\">Country Name (2 letter code) [XX]:xx<\/p>\n<p class=\"p1\">State or Province Name (full name) []:Seoul<\/p>\n<p class=\"p1\">Locality Name (eg, city) [Default City]:Seoul<\/p>\n<p class=\"p1\">Organization Name (eg, company) [Default Company Ltd]:Test Company<\/p>\n<p class=\"p1\">Organizational Unit Name (eg, section) []:Test Service<\/p>\n<p class=\"p1\">Common Name (eg, your name or your server&#8217;s hostname) []:domU-12-31-39-14-F9-A2<\/p>\n<\/blockquote>\n<p class=\"p1\">&nbsp;<\/p>\n<p class=\"p2\">&nbsp;<\/p>\n<p class=\"p2\">&nbsp;<\/p>\n<p class=\"p1\"><span style=\"font-size: medium;\"><strong>4. \uc778\uc99d\uc11c \ub2e4\ub8e8\ub294 \ubc95<\/strong><\/span><\/p>\n<p class=\"p1\">&nbsp; 1) \uc778\uc99d\uc11c \ud655\uc778(\ubcf4\uae30)<\/p>\n<p class=\"p1\">&nbsp; &nbsp;&nbsp;openssl x509 -noout -text -in <span style=\"background-color: #99ccff;\"><em>CERT_NAME<\/em><\/span>.crt<\/p>\n<blockquote>\n<p class=\"p2\">[root@domU-12-31-39-14-F9-A2 bin]# openssl x509 -noout -text -in server.crt<\/p>\n<p class=\"p2\">Certificate:<\/p>\n<p class=\"p2\">&nbsp; &nbsp; Data:<\/p>\n<p class=\"p2\">&nbsp; &nbsp; &nbsp; &nbsp; Version: 3 (0x2)<\/p>\n<p class=\"p2\">&nbsp; &nbsp; &nbsp; &nbsp; Serial Number:<\/p>\n<p class=\"p2\">&#8230;..<\/p>\n<p class=\"p2\">&#8230;.<\/p>\n<\/blockquote>\n<p class=\"p2\">&nbsp;<\/p>\n<p class=\"p1\">&nbsp; 2) \ube44\ubc00\ud0a4 \ubcf4\uae30<\/p>\n<p class=\"p1\">&nbsp; &nbsp; openssl rsa -noout -text -in <span style=\"background-color: #99ccff;\"><em>KEYNAME<\/em><\/span>.key<\/p>\n<blockquote>\n<p class=\"p1\">[root@domU-12-31-39-14-F9-A2 bin]# openssl rsa -noout -text -in mykey.key<\/p>\n<p class=\"p1\">Enter pass phrase for mykey.key:<\/p>\n<p class=\"p1\">Private-Key: (1024 bit)<\/p>\n<p class=\"p1\">modulus:<\/p>\n<p class=\"p1\">&nbsp; &nbsp; 00:a9:eb:af:3e:65:0a:57:d3:3a:c6:c3:84:62:da:<\/p>\n<p class=\"p1\">&nbsp; &nbsp; 47:a1:cb:4b:f9:0f:d4:4c:81:56:46:67:ac:dd:52:<\/p>\n<p class=\"p1\">&#8230;..<\/p>\n<p class=\"p1\">&#8230;<\/p>\n<\/blockquote>\n","protected":false},"excerpt":{"rendered":"<p>&nbsp; 1. \uac1c\uc778\ud0a4\uc0dd\uc131 &nbsp;1) 3DES \ub85c \uc554\ud638\ud654 &nbsp; &nbsp; openssl genrsa -des3 -out KEYNAME.key 1024 [root@domU-12-31-39-14-F9-A2 bin]# openssl genrsa -des3 -out mykey.key 1024 Generating RSA private key, 1024 bit long modulus &#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;++++++ &#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;..++++++ e is 65537 (0x10001) Enter pass phrase for mykey.key: Verifying &#8211; Enter pass phrase for mykey.key: &nbsp; &nbsp; &nbsp;2) \uc554\ud638\ud654 \ud558\uc9c0 \uc54a\uc74c &nbsp; &nbsp; openssl genrsa -out&nbsp;KEYNAME.key 1024 [root@domU-12-31-39-14-F9-A2 bin]# openssl genrsa -out test.key 1024 Generating RSA private key, 1024 bit long modulus &#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;++++++ &#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;..++++++ e is 65537 (0x10001) &nbsp; &nbsp; &nbsp;3) \uae30\uc874 \ube44\ubc00\ud0a4\uc5d0 \ud328\uc2a4\uc6cc\ub4dc \ucd94\uac00 &nbsp; &nbsp; openssl rsa -in KEYNAME.key -des3 -out NEW_KEYNAME.key [root@domU-12-31-39-14-F9-A2 bin]# [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5],"tags":[31,75,106,143],"_links":{"self":[{"href":"https:\/\/mooa.net\/ap\/wp-json\/wp\/v2\/posts\/1961"}],"collection":[{"href":"https:\/\/mooa.net\/ap\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mooa.net\/ap\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mooa.net\/ap\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mooa.net\/ap\/wp-json\/wp\/v2\/comments?post=1961"}],"version-history":[{"count":0,"href":"https:\/\/mooa.net\/ap\/wp-json\/wp\/v2\/posts\/1961\/revisions"}],"wp:attachment":[{"href":"https:\/\/mooa.net\/ap\/wp-json\/wp\/v2\/media?parent=1961"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mooa.net\/ap\/wp-json\/wp\/v2\/categories?post=1961"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mooa.net\/ap\/wp-json\/wp\/v2\/tags?post=1961"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}