This is the sixth day of my participation in the First Challenge 2022. For details: First Challenge 2022.
preface
When developing HTTPS services, we need to introduce the corresponding SSL certificate.
Today, I will record the process of making SSL certificates on my Mac.
The environment
MacOS 10.15.7
tool
openssl
steps
Step 1: Terminal execution command.
// Generate rsa private key, des3 algorithm, 1024 bit strength, SSL. key is the file name of the secret key. openssl genrsa -des3 -out ssl.key 1024Copy the codeStep 2: Enter your password. Here will be entered twice, fill in the same, random fill one, the next step will delete the password.
This step generates an SSL.key file in the current folder.
Step 3: Delete the password.
// The terminal runs the command to delete the password. // The directory is the same as that for generating the private key. Openssl rsa -in ssl.key -out ssl.keyCopy the codeStep 4: Generate a CSR (certificate signing request). We generate the certificate request file based on the generated key file. The terminal executes the following command:
openssl req -new -key ssl.key -out ssl.csr
Copy the codeAfter running the preceding command, enter the country, region, city, organization, organization unit, Common Name, Email address, and password in sequence. The Common Name must be the same as the domain Name. We’ve already deleted the password, so just press Enter.
Tips: Common Name is the domain Name address corresponding to the certificate. When we develop wechat applets, we must make the HTTPS domain Name of our external chain unified with the certificate.
Step 5: Generate a self-signed certificate. Generate the CRT certificate file based on the preceding two files. Run the following command:
// Here 3650 is the validity period of the certificate (unit: days). This is optional. The last files used are key and CRT files. openssl x509 -req -days 3650 -in ssl.csr -signkey ssl.key -out ssl.crtCopy the codeAt this point our certificates (ssl.key and SSL.crt) have been created and can be used directly in the HTTPS server.
Use certificate
Using certificates in code:
https
.createServer(
{
key: fs.readFileSync("./cert_key/ssl.key"),
cert: fs.readFileSync("./cert_key/ssl.crt")
},
app
)
.listen(1993);
Copy the codeconclusion
That’s it for MacOS
~
Thanks for reading!
~
Learn interesting knowledge, meet interesting friends, shape interesting soul!
Hello everyone, I am the author of “programming Samadhi”, I am king Yi, my public account is “programming Samadhi”, welcome to pay attention, I hope you can give me more advice!
You come, with expectations, I have ink to welcome! You return, no matter gain or loss, only to yu Yun give each other!
Knowledge and skills should be paid equal attention to, internal force and external power should be repaired simultaneously, theory and practice should grasp both hands, both hands should be hard!