root@Server01:~# apt -y install openssl
1
root@Server01:~# mkdir /CA //创建CA目录
2
root@Server01:~# vim /etc/ssl/openssl.cnf
3
4
创建CA颁发机构配置文件
1
root@Server01:~# cp -ap /etc/ssl/* /CA
2
root@Server01:~# touch /CA/index.txt
3
root@Server01:~# echo "01" >/CA/serial
4
root@Server01:~# mkdir /CA/crl
5
root@Server01:~# mkdir /CAnewcerts
6
root@Server01:~# mkdir /CA/crlnumber
7
8
root@Server01:~# openssl genrsa -out /CA/private/cakey.pem //生成公钥
9