Differences
Below are the differences between two revisions of the page.
| infrastructure:securite:ssl:ca-creation [11/04/2021 12:20] – Stéphane Paillet | infrastructure:securite:ssl:ca-creation [11/04/2021 14:54] (current version) – Stéphane Paillet | ||
|---|---|---|---|
| Ligne 157: | Ligne 157: | ||
| stateOrProvinceName = State or Province Name (full name) | stateOrProvinceName = State or Province Name (full name) | ||
| - | stateOrProvinceName_default = | + | stateOrProvinceName_default = |
| localityName = Locality Name (eg, city) | localityName = Locality Name (eg, city) | ||
| - | localityName_default = | + | localityName_default = |
| 0.organizationName = Organization Name (eg, company) | 0.organizationName = Organization Name (eg, company) | ||
| - | 0.organizationName_default = | + | 0.organizationName_default = |
| # we can do this but it is not needed normally :-) | # we can do this but it is not needed normally :-) | ||
| Ligne 177: | Ligne 177: | ||
| emailAddress = Email Address | emailAddress = Email Address | ||
| emailAddress_max = 64 | emailAddress_max = 64 | ||
| - | emailAddress_default = sec@oplv-france.net | + | emailAddress_default = sec@grohub.org |
| # SET-ex3 = SET extension number 3 | # SET-ex3 = SET extension number 3 | ||
| Ligne 427: | Ligne 427: | ||
| < | < | ||
| Enter pass phrase for private/ | Enter pass phrase for private/ | ||
| - | < | + | </code> |
| Répondez ensuite aux questions, ou laissez le choix par défaut (information entre crochets) | Répondez ensuite aux questions, ou laissez le choix par défaut (information entre crochets) | ||
| Ligne 439: | Ligne 439: | ||
| ----- | ----- | ||
| Country Name (2 letter code) [FR]: | Country Name (2 letter code) [FR]: | ||
| - | State or Province Name (full name) [PACA]: | + | State or Province Name (full name) [Var]: |
| - | Locality Name (eg, city) [La Ciotat]: | + | Locality Name (eg, city) [Vinon]: |
| - | Organization Name (eg, company) [SmarDTV Global SA]:OPLV Group | + | Organization Name (eg, company) [Grohub Certificate Authority]: |
| Organizational Unit Name (eg, section) [Security Team]: | Organizational Unit Name (eg, section) [Security Team]: | ||
| - | Common Name (e.g. server FQDN or YOUR name) []:OPLV Group Certificate Authority | + | Common Name (e.g. server FQDN or YOUR name) []:Grohub Root CA |
| - | Email Address [sec@oplv-france.net]: | + | Email Address [sec@grohub.org]: |
| </ | </ | ||
| Ligne 460: | Ligne 460: | ||
| Nous nous plaçons dans le répertoire, | Nous nous plaçons dans le répertoire, | ||
| < | < | ||
| + | |||
| + | # mkdir -p / | ||
| + | # chmod 700 / | ||
| # cd / | # cd / | ||
| - | # mkdir certs crl csr newcerts private | ||
| - | # chmod 700 private | ||
| # touch index.txt | # touch index.txt | ||
| # echo 1000 > serial | # echo 1000 > serial | ||
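Review bot: the added "chmod 700 /" line replaces the removed "chmod 700 private", and its path is cut off in this view, so please confirm that the 700 mode still lands on the directory holding the private keys and that the single "mkdir -p /" still creates all five directories the removed line listed (certs, crl, csr, newcerts, private). The new commands also run before the "cd", so they depend on absolute paths being correct, whereas "touch index.txt" and "echo 1000 > serial" still depend on the working directory; a short comment in the block stating the expected CA root would make the two halves consistent.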
| Ligne 490: | Ligne 491: | ||
| < | < | ||
| cd /etc/ssl/CA | cd /etc/ssl/CA | ||
| - | # openssl genrsa -aes256 -out intermediate/ | + | # openssl genrsa -aes256 -out intermediate/ |
| </ | </ | ||
| Nous saisissons une passphrase | Nous saisissons une passphrase | ||
| < | < | ||
| - | Enter pass phrase for intermediate/ | + | Enter pass phrase for intermediate/ |
| - | Verifying - Enter pass phrase for intermediate/ | + | Verifying - Enter pass phrase for intermediate/ |
| </ | </ | ||
| Nous sécurisons la clé | Nous sécurisons la clé | ||
| < | < | ||
| - | chmod 400 intermediate/ | + | chmod 400 intermediate/ |
| </ | </ | ||
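Review bot: the key produced by "openssl genrsa -aes256 -out intermediate/" only receives restrictive permissions at the separate "chmod 400 intermediate/" step further down, so between the two commands the file exists with whatever mode the shell's umask allows. The key is passphrase-encrypted, but it would still be cleaner to run "umask 077" before the genrsa command so the file is never group- or world-readable. As a style point, the "cd /etc/ssl/CA" and "chmod 400" lines lack the "# " prompt that the other commands in these blocks carry.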
| Ligne 508: | Ligne 509: | ||
| < | < | ||
| # cd /etc/ssl/CA | # cd /etc/ssl/CA | ||
| - | # openssl req -config intermediate/ | + | # openssl req -config intermediate/ |
| </ | </ | ||