欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页

openssl ca activemq

程序员文章站 2022-03-23 22:02:32
...

openssl genrsa -out ca.key 2048 

openssl req -x509 -new -nodes -key ca.key -subj "/CN=ca.anyec.cn/OU=ca.anyec.cn/O=anyec.cn/ST=HuBei/L=WuHan/C=CN" -days 36500 -out ca.cert

openssl pkcs12 -export -clcerts -name ca -inkey ca.key -in ca.cer -out ca.p12

 

==============ca======

keytool -importkeystore -srckeystore ca.p12 -destkeystore ca.jks -srcstoretype pkcs12

keytool -importkeystore -srckeystore ca.jks -destkeystore ca.jks -deststoretype pkcs12

 

 

==========cloud =========

openssl genrsa -out cloud.key 2048 

openssl req -new -key cloud.key -out cloud.csr -config cloud.conf -subj "/C=CN/ST=HuBei/L=WuHan/O=anyec.cn/OU=cloud.anyec.cn/CN=cloud.anyec.cn"

 

::openssl x509 -req -in cloud.csr -CA ca.cert -CAkey ca.key -CAcreateserial -out cloud.cert -days 3650 -extensions v3_req

 

openssl ca -in cloud.csr -out cloud.cer  -days 3650 -config openssl.cnf

 

 

openssl x509 -in cloud.cer -inform der -out cloud.cer.pem

openssl pkcs12 -export -clcerts -name cloud -inkey cloud.key -in cloud.cer -out cloud.p12

 

::keytool -delete -alias cloud -keystore cloud.p12 -storetype PKCS12 -storepass ''

::keytool -import -alias cloud -file cloud.cert -keystore cloud.p12 -storetype PKCS12 -storepass ''

 

::keytool -import -noprompt -file cloud.cert  -keystore cloud.jks -storepass 123456

::openssl pkcs12 -export -clcerts -name cloud -inkey cloud.key -in cloud.cer -out cloud.jks

 

keytool -importkeystore  -srckeystore cloud.p12 -destkeystore cloud.jks -destalias cloud 

 

 

========mqtt client==========

 

openssl genrsa -out mqtt.key 2048 

openssl req -new -key mqtt.key -out mqtt.csr -config mqtt.conf -subj "/C=CN/ST=HuBei/L=WuHan/O=anyec.cn/OU=mqtt.anyec.cn/CN=mqtt.anyec.cn"

 

::openssl x509 -req -in mqtt.csr -CA ca.cert -CAkey ca.key -CAcreateserial -out mqtt.cert -days 3650 -extensions v3_req

 

openssl ca -in mqtt.csr -out mqtt.cer  -days 3650 -config openssl.cnf

 

 

openssl x509 -in mqtt.cer -inform der -out mqtt.cer.pem

openssl pkcs12 -export -clcerts -name mqtt -inkey mqtt.key -in mqtt.cer -out mqtt.p12

 

 

keytool -importkeystore  -srckeystore mqtt.p12 -destkeystore mqtt.jks -destalias mqtt 

 

keytool  -importcert -trustcacerts   -alias ca -file ca.cer -keystore truststore2.ts

keytool  -importcert -trustcacerts   -alias cloud -file cloud.cer -keystore truststore2.ts

keytool  -importcert -trustcacerts   -alias mqtt -file mqtt.cer -keystore truststore2.ts

==========activemq mqtt========

<sslContext>

<sslContext keyStore="file:${activemq.base}/conf/cert/cloud.jks"

keyStorePassword="123456"

trustStore="file:${activemq.base}/conf/cert/truststore.ts"

trustStorePassword="123456"

/>

 

<transportConnector name="mqtt+ssl" uri="mqtt+ssl://0.0.0.0:1883?maximumConnections=30000&amp;wireFormat.maxFrameSize=204857600"/>

 

上一篇: 整理的超硬核JVM笔记分享

下一篇: GitLab使用外部提供的Redis缓存数据库的方法详解

推荐阅读