Make SSL Certificate on Mac

foreword

When we develop the https service, we need to introduce the corresponding SSL certificate.

Today, I am documenting the process of making an SSL certificate on my Mac.

surroundings

MacOS 10.15.7

tool

openssl

step

Step 1: The terminal executes the command.

//生成rsa私钥，des3算法，1024位强度，ssl.key是秘钥文件名。
openssl genrsa -des3 -out ssl.key 1024

Step 2: Enter the password. It will be entered twice here, just fill in the same, fill in one at will, and the password will be deleted in the next step.

ssl.key file will be generated in the current folder.

Step 3: Remove the password.

//终端执行删除密码命令
//这里目录和生成私钥的目录一致
openssl rsa -in ssl.key -out ssl.key

Step 4: Generate a CSR (Certificate Signing Request). We generate the certificate request file according to the key file just generated, and execute the following command on the terminal:

openssl req -new -key ssl.key -out ssl.csr

After executing the above command, you need to enter the country, region, city, organization, organizational unit, Common Name, Email, and password in sequence. The Common Name should be consistent with the domain name. We have deleted the password, just press Enter.

Warm reminder : Common Name is the domain name address corresponding to the certificate. When we develop WeChat Mini Programs, we must unify the https domain name and certificate of our external chain.

Step 5: Generate a self-signed certificate. Generate the crt certificate file based on the above two files, and execute the following command on the terminal:

//这里3650是证书有效期(单位：天)。这个大家随意。最后使用到的文件是key和crt文件。
openssl x509 -req -days 3650 -in ssl.csr -signkey ssl.key -out ssl.crt

At this point, our certificates ( ssl.key and ssl.crt ) have been successfully created and can be used directly in the https server.

use certificate

Use the certificate in code:

https
    .createServer(
        {
            key: fs.readFileSync("./cert_key/ssl.key"),
            cert: fs.readFileSync("./cert_key/ssl.crt")
        },
        app
    )
    .listen(1993);

Summarize

The above is made on MacOS

~

~ This article is over, thanks for reading!

~

Learn interesting knowledge, meet interesting friends, and shape interesting souls!

Hello everyone, I is [ programming Samadhi 〗 author hermit king , my public number is " programming Samadhi " welcome attention, we hope the exhibitions!

You come, with expectations, I have the fragrance of ink to welcome you! You return, no matter what you gain or lose, you can only give it away with the aftertaste!

Both knowledge and skills are emphasized, internal and external skills are cultivated, both theory and practice must be grasped, and both hands must be hard!