diff --git a/README.md b/README.md index 7978c33..72a983b 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,6 @@ -# 自签发证书用于TSG各组件间加密通信 +# 签发证书用于E21项目加密通信 + +## 签发自签发证书用于TSG各组件间加密通信 **注意** @@ -56,3 +58,180 @@ Y29tMAoGCCqGSM49BAMCA0gAMEUCIBi5SITjNG7P/5qVs6EyJ2E9602KiNUS1EbY Not Before: Aug 31 05:59:42 2021 GMT Not After : Aug 29 05:59:42 2031 GMT ``` + +## 为 TSG/Nezha 的界面服务签发证书 + +**注意** + +* 证书有效 20 年 +* TSG/Nezha 的证书不绑定域名,不绑定IP + +**根证书** + +``` +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 14219135907191779218 (0xc55484c5792aef92) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=CN, ST=Beijing, L=Xicheng, O=GDNT, OU=Certificate Authority, CN=support/emailAddress=support@gdnt-cloud.com + Validity + Not Before: Nov 5 07:47:19 2021 GMT + Not After : Oct 31 07:47:19 2041 GMT + Subject: C=CN, ST=Beijing, L=Xicheng, O=GDNT, OU=Certificate Authority, CN=support/emailAddress=support@gdnt-cloud.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:d3:27:71:59:e9:1e:06:4d:68:3d:5c:01:ed:32: + a6:8f:c8:ff:75:b4:cc:4f:fa:8f:1e:9b:8a:6a:c8: + 8b:14:20:cc:ed:e3:a2:8f:b1:2d:1b:b5:6b:c0:87: + d0:ad:d7:78:33:7d:3d:1f:e9:59:ff:d3:3e:c0:e3: + 68:e6:7b:64:01:a3:e2:1d:10:9d:8b:ee:23:0b:12: + bc:3b:a7:9e:6d:68:b2:cf:c3:cf:2c:a6:30:20:fd: + da:83:6a:aa:d9:99:27:2d:da:c9:91:be:a8:1b:56: + 65:f8:cb:f8:3b:6a:07:3c:65:5c:a8:09:58:73:c2: + 55:e7:74:f5:11:de:dc:37:8a:47:44:01:f4:d1:3e: + 42:73:9c:f3:6b:6c:0d:80:99:50:55:9b:27:b9:07: + 33:fa:5c:36:60:ef:d0:d8:49:fe:a1:28:3d:ff:63: + c7:eb:be:0a:8f:9d:09:9b:8e:cf:41:6d:82:2e:ef: + bf:ee:e7:f1:b3:41:fa:cf:8d:37:1d:1c:24:69:d2: + fd:cd:c7:0c:b2:f9:3b:a5:37:55:53:e2:a6:7d:5d: + 6a:7c:8c:f7:24:5c:86:66:a2:c3:a0:8b:45:60:6d: + f0:bc:e3:29:4f:f3:5a:d5:54:a0:46:2a:59:cf:fc: + 95:d9:2c:a6:cb:3d:d5:ee:e8:fe:fe:03:2d:f0:a4: + 4b:49 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:TRUE + Signature Algorithm: sha256WithRSAEncryption + 97:08:4e:dd:a1:b2:6b:de:d1:c1:8a:ef:e6:31:00:13:10:e8: + ca:5e:67:60:86:db:26:92:55:eb:6a:ce:5f:08:93:de:ad:4d: + 9e:5d:5d:31:8e:bf:8f:26:4f:3c:05:11:1f:28:5e:f4:a5:49: + dc:e3:40:ec:a7:5d:17:67:09:2e:06:f5:88:ed:63:8a:c1:92: + fa:22:cb:2b:f1:c8:08:3c:61:e4:ad:3e:65:ba:8e:08:55:8b: + bb:35:e1:ba:4d:bc:fe:59:06:07:fd:b5:50:6c:0c:77:27:22: + 1b:1f:d7:17:fd:d1:0a:6a:bd:38:6d:96:21:c2:47:dd:ca:ac: + 84:97:f9:70:3b:e2:ee:15:b8:8a:84:0d:6b:0f:e7:5b:c3:eb: + 2a:d0:33:a1:3a:ad:e7:ab:09:06:e2:fc:f9:44:3b:07:b1:13: + 28:d3:66:48:33:20:6a:d4:23:34:18:4f:a4:c6:e4:c2:f0:83: + 88:95:e7:a2:5e:f0:ce:59:98:42:e3:f1:05:f9:3d:f2:28:37: + 33:8f:88:dd:e8:b4:79:72:a0:83:b5:af:1c:92:86:4d:48:9b: + 5a:f4:97:c2:15:f2:31:2f:ca:95:b9:16:17:ce:de:0e:45:91: + f2:5b:de:27:3d:e0:7e:e4:3a:c7:45:f2:62:e7:3e:4e:d7:34: + 23:5b:28:ef +``` + +**TSG实体证书** + +``` +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 16286509647829799335 (0xe2054e3c2dde11a7) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=CN, ST=Beijing, L=Xicheng, O=GDNT, OU=Certificate Authority, CN=support/emailAddress=support@gdnt-cloud.com + Validity + Not Before: Nov 5 08:32:21 2021 GMT + Not After : Oct 30 08:32:21 2041 GMT + Subject: C=CN, ST=Beijing, L=Xicheng, O=GDNT, OU=TSG, CN=TSG9140/emailAddress=support@gdnt-cloud.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:a8:5d:52:5b:9a:92:96:6c:e6:b8:19:02:e3:ce: + bd:b3:95:37:4d:a3:b6:5a:4e:d0:88:8c:af:db:64: + db:4e:3d:81:09:63:c1:78:d1:2b:13:6e:9c:57:c6: + d6:75:08:99:21:c3:54:a3:94:c7:b2:87:30:2d:0e: + b7:46:85:ac:bb:9b:3e:31:7f:6f:a5:61:e8:81:24: + dc:9e:9b:4a:a1:04:6d:1d:d7:24:8f:b7:34:85:57: + fa:88:07:b8:c2:c8:3f:c4:90:2c:05:6d:36:d0:c9: + 5b:0e:e4:99:e6:11:d0:99:29:b9:3f:5f:bf:34:98: + 82:bc:d8:2f:52:29:29:ab:f2:93:76:e6:e9:ab:49: + 1b:0f:27:0b:44:b1:d2:78:2d:df:1c:bb:51:37:01: + 0f:27:37:28:da:86:a3:6f:3a:f7:98:9a:76:fa:0f: + a6:dd:c1:74:96:75:ec:9d:38:df:c0:84:fe:c4:6f: + 23:23:79:05:5e:a8:9f:19:45:22:39:8c:0e:de:76: + 04:10:91:fe:6c:cc:da:69:79:a4:22:a7:fc:e3:7f: + 76:62:1c:60:11:af:97:2a:69:04:8e:01:72:8d:44: + b9:f8:b8:12:89:2b:8e:54:ec:11:72:1c:3c:d1:7b: + 68:ab:95:1c:c4:f8:59:a1:02:6e:5f:b1:00:57:cd: + 88:4f + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + Signature Algorithm: sha256WithRSAEncryption + 96:da:8d:f7:ef:75:07:36:ff:42:f4:c0:29:77:75:32:8f:f7: + c5:dc:0c:9b:7c:f1:f5:69:6b:7a:c0:b4:17:b4:20:84:2d:ac: + 58:0e:ad:93:31:3d:9d:ba:57:7f:04:44:96:21:9b:58:4c:5c: + 37:34:98:2c:df:30:3f:f5:a9:e4:df:5e:76:fc:78:b1:95:6d: + d4:5f:d4:bc:93:5b:88:59:7b:b7:a2:2f:de:0b:df:7f:b5:83: + e0:34:8c:45:0e:67:c2:82:28:67:79:ff:be:62:99:eb:bd:4d: + 6c:dc:7d:40:92:28:fa:cc:c1:22:c0:ef:f6:b1:f0:fd:cf:08: + 8d:c2:54:30:cb:7d:10:ff:04:7b:46:63:64:79:69:ca:7f:14: + 78:f4:90:be:bc:d0:54:5f:64:f2:c2:71:8d:d9:d2:8a:64:05: + 53:bb:1c:d8:24:1f:01:6e:53:6a:af:2d:77:1f:58:be:95:6c: + 8c:3c:b7:9d:ae:38:75:28:e3:f3:83:53:4b:7c:9e:7d:bd:d0: + f5:01:96:a5:5b:40:32:ff:79:ea:e1:3b:de:07:88:c9:1f:b9: + f2:70:a3:30:77:7e:15:d8:4b:b6:90:88:41:94:17:8a:2f:02: + 81:14:d1:7c:ca:2b:c2:9d:0c:71:f0:dd:f0:06:14:c0:bd:81: + 25:17:f9:d7 +``` +**Nezha实体证书** + +``` +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 16286509647829799334 (0xe2054e3c2dde11a6) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=CN, ST=Beijing, L=Xicheng, O=GDNT, OU=Certificate Authority, CN=support/emailAddress=support@gdnt-cloud.com + Validity + Not Before: Nov 5 08:04:17 2021 GMT + Not After : Oct 30 08:04:17 2041 GMT + Subject: C=CN, ST=Beijing, L=Xicheng, O=GDNT, OU=TSG, CN=Nezha/emailAddress=support@gdnt-cloud.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:ab:5c:2e:a1:9c:49:33:c2:04:10:63:c2:2a:8b: + 6a:9a:81:71:96:75:35:0d:62:f3:85:de:03:b4:8b: + db:03:ba:dd:f9:bf:49:29:96:65:34:4b:0a:8e:ba: + 2c:4e:ad:92:d0:71:ed:b1:75:7f:5e:98:1c:a0:6c: + 80:be:00:94:d0:8e:74:8f:fb:e9:04:ba:c6:8b:88: + bf:a6:08:b5:2f:02:da:5f:4e:88:a5:44:2c:61:ef: + 2f:11:30:d9:b1:6e:df:6c:fc:dc:b9:6d:2e:0c:76: + 53:7a:15:ac:27:9f:b3:5b:db:a9:e4:3b:8d:ce:68: + c3:d6:d2:10:af:84:22:4e:4d:f3:b8:24:4f:71:72: + f2:81:e6:9f:d1:97:89:bd:1e:fa:31:6b:fd:1f:d2: + ea:6b:93:ac:14:6f:29:4b:3c:3b:38:87:ea:fb:57: + 82:11:fc:5e:3b:66:47:57:5e:5d:01:d6:a5:fc:4f: + 5e:da:6c:5f:d5:fc:45:4a:1e:71:96:fe:b6:7c:72: + 2b:7e:ab:8d:83:20:98:98:72:be:45:b7:5b:fe:1f: + 49:6b:6f:b4:ba:57:5b:52:41:3b:66:a7:42:c0:8a: + 53:46:a6:9e:fa:a5:5c:41:62:5b:73:07:36:b2:3d: + 07:ad:39:62:4c:3a:cb:bc:20:e4:c2:f7:60:07:c8: + ea:59 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + Signature Algorithm: sha256WithRSAEncryption + 5a:59:68:75:bd:4f:3f:33:f9:85:8a:6e:eb:f9:da:25:28:fe: + 9f:a1:3a:3c:a3:bc:82:65:74:20:da:f1:45:53:5f:8b:e0:8e: + f1:54:b6:e2:5c:f4:6e:b5:78:b0:ea:09:e6:3d:05:e5:0b:64: + 31:5d:21:63:9c:56:de:3a:4c:54:aa:ea:56:8f:ef:14:59:c8: + d6:37:8b:57:9e:1c:68:f2:f4:c0:88:0c:c8:30:9d:95:cc:d1: + 1f:7c:cf:cb:cf:28:7e:ca:9d:ee:e7:13:6e:66:f9:b9:20:2c: + 3b:f3:18:19:63:fd:c2:fb:b8:ec:4c:aa:01:5f:20:16:08:86: + 62:e0:28:2b:d6:9b:38:05:2c:3c:ab:f8:b7:89:28:3d:80:ac: + 76:1c:45:d4:f3:6b:32:26:9f:e3:78:c2:42:97:8b:6c:ed:ef: + b1:39:27:bd:30:6d:d3:ef:1c:ef:c6:d8:cd:8b:8e:16:ad:e0: + 8a:9a:e4:6b:51:a9:b4:e5:5f:35:fa:ee:94:47:82:ee:25:d3: + 00:7d:5c:d8:87:c7:00:f6:9f:19:7a:90:64:9b:af:36:19:d5: + c9:0c:45:73:be:69:b4:05:f7:65:e8:eb:27:76:52:9c:00:1f: + 48:1e:2b:81:79:0d:2b:70:75:04:e2:08:11:bd:e6:49:12:2b: + 88:5b:ca:fd +``` \ No newline at end of file diff --git a/conf/ca-root-for-e21.conf b/conf/ca-root-for-e21.conf new file mode 100644 index 0000000..8638b66 --- /dev/null +++ b/conf/ca-root-for-e21.conf @@ -0,0 +1,19 @@ +[ req ] +default_bits = 4096 +default_md = sha256 +distinguished_name = req_distinguished_name +encrypt_key = no +prompt = no +x509_extensions = req_v3_ca + +[ req_distinguished_name ] +countryName = CN +stateOrProvinceName = Beijing +localityName = Xicheng +organizationName = GDNT +organizationalUnitName = Certificate Authority +commonName = support +emailAddress = support@gdnt-cloud.com + +[ req_v3_ca ] +basicConstraints = CA:true \ No newline at end of file diff --git a/conf/nezha-entity-for-e21.conf b/conf/nezha-entity-for-e21.conf new file mode 100644 index 0000000..362e8eb --- /dev/null +++ b/conf/nezha-entity-for-e21.conf @@ -0,0 +1,18 @@ +[ req ] +default_bits = 2048 +distinguished_name = req_distinguished_name +encrypt_key = no +prompt = no +req_extensions = req_v3_usr + +[ req_distinguished_name ] +countryName = CN +stateOrProvinceName = Beijing +localityName = Xicheng +organizationName = GDNT +organizationalUnitName = TSG +commonName = Nezha +emailAddress = support@gdnt-cloud.com + +[ req_v3_usr ] +basicConstraints = CA:FALSE \ No newline at end of file diff --git a/conf/tsg-entity-for-e21.conf b/conf/tsg-entity-for-e21.conf new file mode 100644 index 0000000..0fc1636 --- /dev/null +++ b/conf/tsg-entity-for-e21.conf @@ -0,0 +1,18 @@ +[ req ] +default_bits = 2048 +distinguished_name = req_distinguished_name +encrypt_key = no +prompt = no +req_extensions = req_v3_usr + +[ req_distinguished_name ] +countryName = CN +stateOrProvinceName = Beijing +localityName = Xicheng +organizationName = GDNT +organizationalUnitName = TSG +commonName = TSG9140 +emailAddress = support@gdnt-cloud.com + +[ req_v3_usr ] +basicConstraints = CA:FALSE \ No newline at end of file diff --git a/crt/ca-root-for-e21.crt b/crt/ca-root-for-e21.crt new file mode 100644 index 0000000..67c1e34 --- /dev/null +++ b/crt/ca-root-for-e21.crt @@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE----- +MIIDxzCCAq+gAwIBAgIJAMVUhMV5Ku+SMA0GCSqGSIb3DQEBCwUAMIGZMQswCQYD +VQQGEwJDTjEQMA4GA1UECAwHQmVpamluZzEQMA4GA1UEBwwHWGljaGVuZzENMAsG +A1UECgwER0ROVDEeMBwGA1UECwwVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MRAwDgYD +VQQDDAdzdXBwb3J0MSUwIwYJKoZIhvcNAQkBFhZzdXBwb3J0QGdkbnQtY2xvdWQu +Y29tMB4XDTIxMTEwNTA3NDcxOVoXDTQxMTAzMTA3NDcxOVowgZkxCzAJBgNVBAYT +AkNOMRAwDgYDVQQIDAdCZWlqaW5nMRAwDgYDVQQHDAdYaWNoZW5nMQ0wCwYDVQQK +DARHRE5UMR4wHAYDVQQLDBVDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxEDAOBgNVBAMM +B3N1cHBvcnQxJTAjBgkqhkiG9w0BCQEWFnN1cHBvcnRAZ2RudC1jbG91ZC5jb20w +ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTJ3FZ6R4GTWg9XAHtMqaP +yP91tMxP+o8em4pqyIsUIMzt46KPsS0btWvAh9Ct13gzfT0f6Vn/0z7A42jme2QB +o+IdEJ2L7iMLErw7p55taLLPw88spjAg/dqDaqrZmSct2smRvqgbVmX4y/g7agc8 +ZVyoCVhzwlXndPUR3tw3ikdEAfTRPkJznPNrbA2AmVBVmye5BzP6XDZg79DYSf6h +KD3/Y8frvgqPnQmbjs9BbYIu77/u5/GzQfrPjTcdHCRp0v3Nxwyy+TulN1VT4qZ9 +XWp8jPckXIZmosOgi0VgbfC84ylP81rVVKBGKlnP/JXZLKbLPdXu6P7+Ay3wpEtJ +AgMBAAGjEDAOMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAJcITt2h +smve0cGK7+YxABMQ6MpeZ2CG2yaSVetqzl8Ik96tTZ5dXTGOv48mTzwFER8oXvSl +SdzjQOynXRdnCS4G9YjtY4rBkvoiyyvxyAg8YeStPmW6jghVi7s14bpNvP5ZBgf9 +tVBsDHcnIhsf1xf90QpqvThtliHCR93KrISX+XA74u4VuIqEDWsP51vD6yrQM6E6 +reerCQbi/PlEOwexEyjTZkgzIGrUIzQYT6TG5MLwg4iV56Je8M5ZmELj8QX5PfIo +NzOPiN3otHlyoIO1rxyShk1Im1r0l8IV8jEvypW5FhfO3g5FkfJb3ic94H7kOsdF +8mLnPk7XNCNbKO8= +-----END CERTIFICATE----- diff --git a/crt/ca-root-for-e21.srl b/crt/ca-root-for-e21.srl new file mode 100644 index 0000000..a28c951 --- /dev/null +++ b/crt/ca-root-for-e21.srl @@ -0,0 +1 @@ +E2054E3C2DDE11A7 diff --git a/crt/nezha-entity-for-e21.crt b/crt/nezha-entity-for-e21.crt new file mode 100644 index 0000000..40c9a8c --- /dev/null +++ b/crt/nezha-entity-for-e21.crt @@ -0,0 +1,22 @@ +-----BEGIN CERTIFICATE----- +MIIDsDCCApigAwIBAgIJAOIFTjwt3hGmMA0GCSqGSIb3DQEBCwUAMIGZMQswCQYD +VQQGEwJDTjEQMA4GA1UECAwHQmVpamluZzEQMA4GA1UEBwwHWGljaGVuZzENMAsG +A1UECgwER0ROVDEeMBwGA1UECwwVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MRAwDgYD +VQQDDAdzdXBwb3J0MSUwIwYJKoZIhvcNAQkBFhZzdXBwb3J0QGdkbnQtY2xvdWQu +Y29tMB4XDTIxMTEwNTA4MDQxN1oXDTQxMTAzMDA4MDQxN1owgYUxCzAJBgNVBAYT +AkNOMRAwDgYDVQQIDAdCZWlqaW5nMRAwDgYDVQQHDAdYaWNoZW5nMQ0wCwYDVQQK +DARHRE5UMQwwCgYDVQQLDANUU0cxDjAMBgNVBAMMBU5lemhhMSUwIwYJKoZIhvcN +AQkBFhZzdXBwb3J0QGdkbnQtY2xvdWQuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC +AQ8AMIIBCgKCAQEAq1wuoZxJM8IEEGPCKotqmoFxlnU1DWLzhd4DtIvbA7rd+b9J +KZZlNEsKjrosTq2S0HHtsXV/XpgcoGyAvgCU0I50j/vpBLrGi4i/pgi1LwLaX06I +pUQsYe8vETDZsW7fbPzcuW0uDHZTehWsJ5+zW9up5DuNzmjD1tIQr4QiTk3zuCRP +cXLygeaf0ZeJvR76MWv9H9Lqa5OsFG8pSzw7OIfq+1eCEfxeO2ZHV15dAdal/E9e +2mxf1fxFSh5xlv62fHIrfquNgyCYmHK+Rbdb/h9Ja2+0uldbUkE7ZqdCwIpTRqae ++qVcQWJbcwc2sj0HrTliTDrLvCDkwvdgB8jqWQIDAQABow0wCzAJBgNVHRMEAjAA +MA0GCSqGSIb3DQEBCwUAA4IBAQBaWWh1vU8/M/mFim7r+dolKP6foTo8o7yCZXQg +2vFFU1+L4I7xVLbiXPRutXiw6gnmPQXlC2QxXSFjnFbeOkxUqupWj+8UWcjWN4tX +nhxo8vTAiAzIMJ2VzNEffM/Lzyh+yp3u5xNuZvm5ICw78xgZY/3C+7jsTKoBXyAW +CIZi4Cgr1ps4BSw8q/i3iSg9gKx2HEXU82syJp/jeMJCl4ts7e+xOSe9MG3T7xzv +xtjNi44WreCKmuRrUam05V81+u6UR4LuJdMAfVzYh8cA9p8ZepBkm682GdXJDEVz +vmm0Bfdl6OsndlKcAB9IHiuBeQ0rcHUE4ggRveZJEiuIW8r9 +-----END CERTIFICATE----- diff --git a/crt/tsg-entity-for-e21.crt b/crt/tsg-entity-for-e21.crt new file mode 100644 index 0000000..a26277a --- /dev/null +++ b/crt/tsg-entity-for-e21.crt @@ -0,0 +1,22 @@ +-----BEGIN CERTIFICATE----- +MIIDsjCCApqgAwIBAgIJAOIFTjwt3hGnMA0GCSqGSIb3DQEBCwUAMIGZMQswCQYD +VQQGEwJDTjEQMA4GA1UECAwHQmVpamluZzEQMA4GA1UEBwwHWGljaGVuZzENMAsG +A1UECgwER0ROVDEeMBwGA1UECwwVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MRAwDgYD +VQQDDAdzdXBwb3J0MSUwIwYJKoZIhvcNAQkBFhZzdXBwb3J0QGdkbnQtY2xvdWQu +Y29tMB4XDTIxMTEwNTA4MzIyMVoXDTQxMTAzMDA4MzIyMVowgYcxCzAJBgNVBAYT +AkNOMRAwDgYDVQQIDAdCZWlqaW5nMRAwDgYDVQQHDAdYaWNoZW5nMQ0wCwYDVQQK +DARHRE5UMQwwCgYDVQQLDANUU0cxEDAOBgNVBAMMB1RTRzkxNDAxJTAjBgkqhkiG +9w0BCQEWFnN1cHBvcnRAZ2RudC1jbG91ZC5jb20wggEiMA0GCSqGSIb3DQEBAQUA +A4IBDwAwggEKAoIBAQCoXVJbmpKWbOa4GQLjzr2zlTdNo7ZaTtCIjK/bZNtOPYEJ +Y8F40SsTbpxXxtZ1CJkhw1SjlMeyhzAtDrdGhay7mz4xf2+lYeiBJNyem0qhBG0d +1ySPtzSFV/qIB7jCyD/EkCwFbTbQyVsO5JnmEdCZKbk/X780mIK82C9SKSmr8pN2 +5umrSRsPJwtEsdJ4Ld8cu1E3AQ8nNyjahqNvOveYmnb6D6bdwXSWdeydON/AhP7E +byMjeQVeqJ8ZRSI5jA7edgQQkf5szNppeaQip/zjf3ZiHGARr5cqaQSOAXKNRLn4 +uBKJK45U7BFyHDzRe2irlRzE+FmhAm5fsQBXzYhPAgMBAAGjDTALMAkGA1UdEwQC +MAAwDQYJKoZIhvcNAQELBQADggEBAJbajffvdQc2/0L0wCl3dTKP98XcDJt88fVp +a3rAtBe0IIQtrFgOrZMxPZ26V38ERJYhm1hMXDc0mCzfMD/1qeTfXnb8eLGVbdRf +1LyTW4hZe7eiL94L33+1g+A0jEUOZ8KCKGd5/75imeu9TWzcfUCSKPrMwSLA7/ax +8P3PCI3CVDDLfRD/BHtGY2R5acp/FHj0kL680FRfZPLCcY3Z0opkBVO7HNgkHwFu +U2qvLXcfWL6VbIw8t52uOHUo4/ODU0t8nn290PUBlqVbQDL/eerhO94HiMkfufJw +ozB3fhXYS7aQiEGUF4ovAoEU0XzKK8KdDHHw3fAGFMC9gSUX+dc= +-----END CERTIFICATE----- diff --git a/csr/nezha-entity-for-e21.csr b/csr/nezha-entity-for-e21.csr new file mode 100644 index 0000000..2a60e62 --- /dev/null +++ b/csr/nezha-entity-for-e21.csr @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIC5zCCAc8CAQAwgYUxCzAJBgNVBAYTAkNOMRAwDgYDVQQIDAdCZWlqaW5nMRAw +DgYDVQQHDAdYaWNoZW5nMQ0wCwYDVQQKDARHRE5UMQwwCgYDVQQLDANUU0cxDjAM +BgNVBAMMBU5lemhhMSUwIwYJKoZIhvcNAQkBFhZzdXBwb3J0QGdkbnQtY2xvdWQu +Y29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1wuoZxJM8IEEGPC +KotqmoFxlnU1DWLzhd4DtIvbA7rd+b9JKZZlNEsKjrosTq2S0HHtsXV/XpgcoGyA +vgCU0I50j/vpBLrGi4i/pgi1LwLaX06IpUQsYe8vETDZsW7fbPzcuW0uDHZTehWs +J5+zW9up5DuNzmjD1tIQr4QiTk3zuCRPcXLygeaf0ZeJvR76MWv9H9Lqa5OsFG8p +Szw7OIfq+1eCEfxeO2ZHV15dAdal/E9e2mxf1fxFSh5xlv62fHIrfquNgyCYmHK+ +Rbdb/h9Ja2+0uldbUkE7ZqdCwIpTRqae+qVcQWJbcwc2sj0HrTliTDrLvCDkwvdg +B8jqWQIDAQABoBwwGgYJKoZIhvcNAQkOMQ0wCzAJBgNVHRMEAjAAMA0GCSqGSIb3 +DQEBCwUAA4IBAQBIRN2I6tsXPkCCIZTAMXWb4v/E69+ZUKouhw8xLGvAoed/QgYb +F38EJkcWxDuEQLMya6pq/DEX4bxYwfRurCuda50p76Nd9ddZ6ogqmqdrqNHoPQNr +k0PJIOUbK30Y/gcM6yFBXBl+exOXjdb1BHivFksgPztkqGh4PP5n3DeWBdWjHGlI +c5Mrqytdx0D3K0syL6hBKhCIzPjplnvXr/b920KuvMiVB5KA51P8zj22yIfI0e0g +IU9CV5NZFC7qOSVec03cjMRiQo5lgH9+547K1VA3jpv5gPwzTmpBGBIzkSS8bqjq +D/raS5eRgHOv0CCX0TS9G5pxDqmduKHfnHa8 +-----END CERTIFICATE REQUEST----- diff --git a/csr/tsg-entity-for-e21.csr b/csr/tsg-entity-for-e21.csr new file mode 100644 index 0000000..7c92f88 --- /dev/null +++ b/csr/tsg-entity-for-e21.csr @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIC6TCCAdECAQAwgYcxCzAJBgNVBAYTAkNOMRAwDgYDVQQIDAdCZWlqaW5nMRAw +DgYDVQQHDAdYaWNoZW5nMQ0wCwYDVQQKDARHRE5UMQwwCgYDVQQLDANUU0cxEDAO +BgNVBAMMB1RTRzkxNDAxJTAjBgkqhkiG9w0BCQEWFnN1cHBvcnRAZ2RudC1jbG91 +ZC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoXVJbmpKWbOa4 +GQLjzr2zlTdNo7ZaTtCIjK/bZNtOPYEJY8F40SsTbpxXxtZ1CJkhw1SjlMeyhzAt +DrdGhay7mz4xf2+lYeiBJNyem0qhBG0d1ySPtzSFV/qIB7jCyD/EkCwFbTbQyVsO +5JnmEdCZKbk/X780mIK82C9SKSmr8pN25umrSRsPJwtEsdJ4Ld8cu1E3AQ8nNyja +hqNvOveYmnb6D6bdwXSWdeydON/AhP7EbyMjeQVeqJ8ZRSI5jA7edgQQkf5szNpp +eaQip/zjf3ZiHGARr5cqaQSOAXKNRLn4uBKJK45U7BFyHDzRe2irlRzE+FmhAm5f +sQBXzYhPAgMBAAGgHDAaBgkqhkiG9w0BCQ4xDTALMAkGA1UdEwQCMAAwDQYJKoZI +hvcNAQELBQADggEBAACrePFPCth4U+X1IKqQBfR5L7GAKdyXza2oCdFzjgaXGhig +53UlPrLMQKP5DwQzRpt0ZlURfXDgW+SPDzHvoba2cBTPbP3ApU9VxMxwyHoxb77r +0ZlTZ8zQgc4NMoGsjCkiD3+dswVeRJZCLjHM/krpW21HT8AnABLwxNJn6nCQ5365 +RUh6iyDBynMJ90qf3Z3bCvmPhMrSC7DHqnlKzLw08qWU/GsxGJnqw6EtHlMm+TgE +EYya6mJEKRo+hrCY8IdAIyOxYhC4ZRTKCNIVMgn6VHIFdUwPuT1o0mpOtXAyLL2A +zmZfW3rThwGprGUE6Yz7yGKOQJusuHA3QrNCsms= +-----END CERTIFICATE REQUEST----- diff --git a/key/ca-root-for-e21.key b/key/ca-root-for-e21.key new file mode 100644 index 0000000..19600ee --- /dev/null +++ b/key/ca-root-for-e21.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEA0ydxWekeBk1oPVwB7TKmj8j/dbTMT/qPHpuKasiLFCDM7eOi +j7EtG7VrwIfQrdd4M309H+lZ/9M+wONo5ntkAaPiHRCdi+4jCxK8O6eebWiyz8PP +LKYwIP3ag2qq2ZknLdrJkb6oG1Zl+Mv4O2oHPGVcqAlYc8JV53T1Ed7cN4pHRAH0 +0T5Cc5zza2wNgJlQVZsnuQcz+lw2YO/Q2En+oSg9/2PH674Kj50Jm47PQW2CLu+/ +7ufxs0H6z403HRwkadL9zccMsvk7pTdVU+KmfV1qfIz3JFyGZqLDoItFYG3wvOMp +T/Na1VSgRipZz/yV2Symyz3V7uj+/gMt8KRLSQIDAQABAoIBAGGbjwtn9qglKjWL +DZzvWA2JdYWc0QF7qqMUdZTNJXVlgDXLj37rARYY9Dlozu89dmQe1Z2lyiO3LAAQ +X5KDoYQclM6ouptPtsVMoNTWtCaRSm8+bcuO+xqVHmi3a0jxQioxRBJqVt1kP/kV +mKcmaTfjB0TqJQhF4l3/M7ZSFexZ2TXYIsfhNEf3AquGcIsXptf7cG698K2RvvOS +/M/PF6bZc63yA7r33j9wL1s0BeAAc5JvbH4kxJWltLaYUPM1QlX2c9f63cvvO936 +xDu1ClYfo4c2qwIpVGTGHoT0OienGWcIah9r9vi+gTLHhqjzHO9Oz0VzS9eYJcJC +Mn/MOE0CgYEA9bmuQR4f7RVzDIlIh/erDTkZP09aB6KRJ+kaLDj6lXp9lsI8WFPx +TkC6WCvrp3ZSSVZvSG5V1zWw5wmZcd5kQGPlLecultMVUi5a2k6vpwDEIBuOQz0N +jZ7fpJC2GVqJMMCWvGtn8omU7dWL9xo8usJyVZNK4xsGir16w6zRozcCgYEA2/uz +be8zJ0uyi5uYYSBzRyUszU+0qj9Irov2qc/+Ko+ELMQmMkuKK9Tx5ZZyMbA7WFLl +Jup72zYrDfCmqnhfXq9ZfsIGfi7OiwF3FZaMqcH1ZIRIDrHBp1yEECwCCIqei33V +dAAzkoHeWuBKer0JE/9hx3o6V5bZPYiJqMnNxX8CgYANjOW9FYoxKsOjZ1ammNPH +8OQhh6CxVxemGcaltaar44tVavSk8kwWQp+ECTf/jhjPjoKofd0h9wYAV5ksnFTu +8BNNSrhY/N7qH0BHVZt+HB60npBjyNQcgSxYCNrh3wo9tAEb9thOmaOq0eHcCIhc +zCg969dvWqgrsnM4oykUVQKBgFevZZ8daItyTfH+DGgysiCavdf8vGvcG9GPcrvP +b2VxnWLmsL79g07ja6RzKoOJ1q3nJPY1IzeGyPSehyCOKJ2qUYcIOeRULfoUlG4j +e2AzMuhlHf/VdPaMFwwHLqxO7NF3T/0UE3qDj6kznBx+ez7gXg5QNy8wrtkrMov4 +HLBrAoGBALVoyM3HhpxqfUScCA6OUvtpZLN3UOt52mvuCbtT6JTbPzZ52TLhkLdq +BVvH30tNM1zPvNAejnUZiksleMNjo1N1lrqB6MHK828IBpY1u7PRnmz62fkqR0TX +/w7QJILnj+E7Nt8sAiZhJ2j69WmRJZJFEPtjD6jqyNIdRE6ADlKx +-----END RSA PRIVATE KEY----- diff --git a/key/nezha-entity-for-e21.key b/key/nezha-entity-for-e21.key new file mode 100644 index 0000000..66736b0 --- /dev/null +++ b/key/nezha-entity-for-e21.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEAq1wuoZxJM8IEEGPCKotqmoFxlnU1DWLzhd4DtIvbA7rd+b9J +KZZlNEsKjrosTq2S0HHtsXV/XpgcoGyAvgCU0I50j/vpBLrGi4i/pgi1LwLaX06I +pUQsYe8vETDZsW7fbPzcuW0uDHZTehWsJ5+zW9up5DuNzmjD1tIQr4QiTk3zuCRP +cXLygeaf0ZeJvR76MWv9H9Lqa5OsFG8pSzw7OIfq+1eCEfxeO2ZHV15dAdal/E9e +2mxf1fxFSh5xlv62fHIrfquNgyCYmHK+Rbdb/h9Ja2+0uldbUkE7ZqdCwIpTRqae ++qVcQWJbcwc2sj0HrTliTDrLvCDkwvdgB8jqWQIDAQABAoIBAG+5TWnvBMcrIw0w +jYLBnUKZTN6lEm7k6hOIue+4E5at+lYAAoqL1PYwSvTdq0+s2YDwFuJR0jZxhJCP +zayTonMLvjG2M6nywMpu4U02djLtcEUdZfgip7E+ifhyWizWNfPQNXTsG07iwvBh +OvompIEqie0VaxJ9udnQ4jIdO2TDWt573lYen7AfX72jeG03kVMS0xUNdxWXQo+g +/Jv5E2NsWFzWH/a4ezPmYDFxQaKh3b0yJNJC8o12GnjU98COvq80Y6l400x8uDIv +KUYNebGDydKv6Sh66jEHDM9KHSJFlOOvh4OSkx+Vp1FsULya0Qt80lVW6/Cqf0Kc +3su1y5ECgYEA2loxcPwwCXYNdc2a99LWqhluPJ94lpVdLd7APBBSlB/QT84qfuj5 +j6fZ+UXWCPghxajIBtaoihacmDkArlOpaVsmHeXiiisyp0Wc8Lvto3NqmNMj1qVj +7shTlTIKhVIsN82CN7kCc5PeUsBkRVHwKwq5/SpuuVNf8Q+yA4SGWUUCgYEAyOfP +EoWlzZJq1gxUxdG36JjZnikIevD5RH2d7x+kdrC19C/1dnNgraJa3uDF5+WFvCOH +C0zjuLMU7f0H7VkvsVoZgwIUFbLjcqnHK2VVLj70oeO4xXYia9miaYGTh2TNIVGu +bCmg/9/8w6FXisVC7Kpe9aJKN0gkB5cu5dKZPAUCgYA9ND7bjrTgUgjf1mvzv1OQ +hmRR9dlVTDS8IM39iA29m1VGqWFcBW2+iKwepSajiPneb7rxv8WqP0BRotjABI9e +CsCabM+dLxKZtHeTOvoXcMiWYciP5/gk/F4BWe99A1WFpsMzX1aCkxYkV+1DSP5q +8izD+9rhc69W4LFjLwiBiQKBgCMRCvyxpSoHh2xLBLTukQohO8K2aMuEqg2BW4K0 +ZDFvUKMJh++f3d0QvImwc/qw/jHDhbu8NPc1Es8jXjHYYlGzZ0aNo1HSQo7uAVya +uE51IJ/tLoAQyZtHhmih/E0ilAdfyXEJpxdiUi0XST9ohPDoH+EB7bBOgDNu+PmW +U7a9AoGBANhwuJ1F34adH9FSWaFz2Fv5aeQgzcK/lDLR9DQ8YGWgAAJwKcRam/3b +YeKpIPra7ctyl9EYXkFn/luoMNqY4ziponxgCSIQNmkIzIoJANpRbe3Xh0aF3bwA +C2RLhQtwXMR2y3fL126y2bApKn5RFmiQ3vsuvf1j7ATNBGoXgH7K +-----END RSA PRIVATE KEY----- diff --git a/key/tsg-entity-for-e21.key b/key/tsg-entity-for-e21.key new file mode 100644 index 0000000..a7717b3 --- /dev/null +++ b/key/tsg-entity-for-e21.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpQIBAAKCAQEAqF1SW5qSlmzmuBkC4869s5U3TaO2Wk7QiIyv22TbTj2BCWPB +eNErE26cV8bWdQiZIcNUo5THsocwLQ63RoWsu5s+MX9vpWHogSTcnptKoQRtHdck +j7c0hVf6iAe4wsg/xJAsBW020MlbDuSZ5hHQmSm5P1+/NJiCvNgvUikpq/KTdubp +q0kbDycLRLHSeC3fHLtRNwEPJzco2oajbzr3mJp2+g+m3cF0lnXsnTjfwIT+xG8j +I3kFXqifGUUiOYwO3nYEEJH+bMzaaXmkIqf84392YhxgEa+XKmkEjgFyjUS5+LgS +iSuOVOwRchw80Xtoq5UcxPhZoQJuX7EAV82ITwIDAQABAoIBAQCA0o7umlHpGUBb +wn9skUajPtwG4unnJYD3yjXQd9Y5gmPWLGbfq6P7BVpI61IyUDbjF5MOawt1dW0O +PMFNC4EENx+aPfjOISEGl47bKNUsaLeY6oIGGNbt5EhEhyv+lbv9CZc1O8CCdl7f +AVkkKaNjXgJpFDi35K28Eun6QpapAf7/1LkNfEZFUAPCXP+J1oOKo+bryzr522tr +4fHjq84q8BZ1UDbsWYJO54yQzPAOScvSzf6AVhYxz5t+WdunOCoUSd0mvH5T+s4s +UNuM3WXdHQvEy9dGnYVOeMFZSU7TblYU/Ai5rVOwZr04EqBuQWdQxWqT2u+IMJx2 +fXNCTu0pAoGBAN8JoTwyDOo6ti6hCQSc3avx/7HNgNjY6YirhXM2yGqBWMig5L9U +N7xAhbXdB4v/EHeuQTHOEPs3+7uae6/Nt7tj9dGICr/t31ttzzSBbi+iihwQjRpm +DGGpcVVFXCoBrvF7GvRV0Fwt6Wsh0c6mCUIy2KF9mZ3mqE3R9sGl/GG1AoGBAME/ +Mv+Rs+DQKUgUz+pgCbH4DnTsUhfNSGBLsFlIlifUozgIivz0rbFpM3JnNjAkBE9Q +fe8359SG0UBb5W2y0WzAhNC640PSvn8vyNfhGN6ai3oNpGMJzxqW18xvKTYUwscZ +taevWyXpWP2buyKabGi8dUHYDcNQSSoUU5C9zZRzAoGAOLw7XpOgw2iB9WSTZa/9 +l4Kst27+Kqsq5NA01zUFUEps6kQ7TAxBTUrgeH2sMMmGR9t0zBWOLkl0aKmIcxUS +esGXw2Am0+HPonNRdRrDi6x+E1uGeUOiPKmcocNOCYV6GgVluuelY/1t1gm5VCba +ThOfFZ1cmVUWVQ1nBqWRiM0CgYEAlcTNWZUqu8mYtOysVxEncm61hZjB5wCKX1dJ +zWicNzJtbTfxwCpBk4XdAYVMUfMYBAB2GbhSTDxQYHjYTzSPaqGqTbsJ976VNS1r +kyQ5igxsnKOGC9vGTu0pQp/EaM2eR4B9cQBOvAsllSfk2OSlsGae2fEAeab3jU1D +lqIDelECgYEAveecFCFzEHu68oZWca07BKtHlhs4Ku8pTW7HwZ8Vagv83UeddfHh +bP/IqRngwU+zSfjLo7CwFWnkSIlzcY+g0SUspGU44kTr0kjhurxwscNeL9FAusFU +28nTCozLexEGFieDVCx7t1dtgvzCt0PImEaEk8sx9l1w5C8j6we+o2Q= +-----END RSA PRIVATE KEY----- diff --git a/sign.sh b/sign.sh index 1a31ae0..7edcf6b 100644 --- a/sign.sh +++ b/sign.sh @@ -6,4 +6,24 @@ openssl ecparam -name secp256r1 -genkey -out key/self-sign.key # 使用椭圆曲 #./tool gen-key key/self-sign.key gdnt-cloud.com 2048 # 使用 RSA 生成私钥 ./tool gen-csr csr/self-sign.csr gdnt-cloud.com conf/self-sign.conf key/self-sign.key ./tool self-sign crt/self-sign.crt gdnt-cloud.com 3650 sha256 req_v3_usr conf/self-sign.conf csr/self-sign.csr key/self-sign.key -./tool chain chain.pem gdnt-cloud.com crt/self-sign.crt \ No newline at end of file +./tool chain chain.pem gdnt-cloud.com crt/self-sign.crt + +## 签发根证书,用于为 TSG/Nezha 界面的服务端签发证书 + +#openssl ecparam -name secp256r1 -genkey -out key/ca-root-for-e21.key # 使用椭圆曲线 +./tool gen-key key/ca-root-for-e21.key gdnt-cloud.com 2048 # 使用 RSA +./tool gen-ca crt/ca-root-for-e21.crt gdnt-cloud.com conf/ca-root-for-e21.conf key/ca-root-for-e21.key + +## 为 TSG 界面的服务端签发实体证书 + +#openssl ecparam -name secp256r1 -genkey -out key/tsg-entity-for-e21.key # 使用椭圆曲线 +./tool gen-key key/tsg-entity-for-e21.key gdnt-cloud.com 2048 # 使用 RSA +./tool gen-csr csr/tsg-entity-for-e21.csr gdnt-cloud.com conf/tsg-entity-for-e21.conf key/tsg-entity-for-e21.key +./tool sign crt/tsg-entity-for-e21.crt gdnt-cloud.com 7299 sha256 req_v3_usr conf/tsg-entity-for-e21.conf csr/tsg-entity-for-e21.csr key/ca-root-for-e21.key crt/ca-root-for-e21.crt + +## 为 Nezha 界面的服务端签发实体证书 + +#openssl ecparam -name secp256r1 -genkey -out key/nezha-entity-for-e21.key # 使用椭圆曲线 +./tool gen-key key/nezha-entity-for-e21.key gdnt-cloud.com 2048 # 使用 RSA +./tool gen-csr csr/nezha-entity-for-e21.csr gdnt-cloud.com conf/nezha-entity-for-e21.conf key/nezha-entity-for-e21.key +./tool sign crt/nezha-entity-for-e21.crt gdnt-cloud.com 7299 sha256 req_v3_usr conf/nezha-entity-for-e21.conf csr/nezha-entity-for-e21.csr key/ca-root-for-e21.key crt/ca-root-for-e21.crt \ No newline at end of file