#author("2019-08-31T17:13:06+09:00","","")
#contents()
*** KEY ファイルの作成 [#e10f9d1f]
- AWS のホームディレクトリで作成
- passphrase = nanamochahiko
- module = &color(red){00:b1:45:a5:4e:ea:8f:....};
- &ref(hmuna_190831.key);
[AWS] ubuntu:~/work20190831$ openssl genrsa -des3 2048 > hmuna_190831.key
Generating RSA private key, 2048 bit long modulus
....................+++
.+++
e is 65537 (0x10001)
Enter pass phrase:
Verifying - Enter pass phrase:
[AWS] ubuntu:~/work20190831$ ls -l
total 4
-rw-rw-r-- 1 ubuntu ubuntu 1743 Aug 31 09:18 hmuna_190831.key
[AWS] ubuntu:~/work20190831$ sudo openssl rsa -in hmuna_190831.key -text
Enter pass phrase for hmuna_190831.key:
Private-Key: (2048 bit)
modulus:
00:b1:45:a5:4e:ea:8f:c1:f1:b4:53:36:50:0d:1d:
93:ec:f4:b8:55:5c:d1:0e:de:11:ab:88:53:ad:d6:
2c:28:81:b8:d2:dd:1c:ff:73:d6:93:7d:de:0c:54:
c8:c4:a5:28:0a:83:e1:76:d2:3e:9a:59:1c:72:23:
32:51:10:db:e4:da:97:83:8b:95:d9:c7:7e:d1:f3:
44:fb:a8:d2:c2:7b:0a:b9:ce:4f:16:17:d9:d3:2e:
a7:60:dc:d3:16:2c:8f:a7:55:12:4e:11:ad:9b:ee:
ce:ca:30:db:5c:65:b6:e7:61:73:3b:db:16:f1:27:
17:ab:f8:ec:50:8c:0c:64:f1:a6:20:56:da:88:7d:
33:28:2e:1e:16:eb:44:c4:9f:eb:bd:64:ae:d3:e9:
9f:6d:7b:2f:37:b0:c1:69:22:f4:36:3c:6d:dd:e2:
35:00:d3:6f:a1:b8:8c:c4:d5:1f:c5:4c:d0:db:15:
0e:3f:8b:97:4d:0c:ea:35:9d:c1:90:49:b1:eb:f2:
16:9d:af:66:51:41:85:de:64:20:de:d0:37:dc:5d:
a2:37:cb:14:67:61:6b:31:7c:01:01:8c:c4:b2:f1:
a5:3f:43:c0:c4:d7:83:f9:0e:10:28:2b:e2:be:d2:
0e:89:74:7f:16:b6:12:6b:15:97:23:eb:ac:4f:8e:
32:b9
publicExponent: 65537 (0x10001)
*** CSR ファイルの作成 [#a20a4427]
- AWS のホームディレクトリで作成
- passphrase = nanamochahiko
- module = &color(red){00:b1:45:a5:4e:ea:8f:....};
- &ref(hmuna_190831.csr);
[AWS] ubuntu:~/work20190831$ openssl req -new -key hmuna_190831.key -out hmuna_190831.csr
Enter pass phrase for hmuna_190831.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:JP
State or Province Name (full name) [Some-State]:Kanagawa
Locality Name (eg, city) []:Yokohama
Organization Name (eg, company) [Internet Widgits Pty Ltd]:IT Admin
Organizational Unit Name (eg, section) []:IT
Common Name (e.g. server FQDN or YOUR name) []:mail.hmuna.com
Email Address []:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
[AWS] ubuntu:~/work20190831$ ls -la
total 16
drwxrwxr-x 2 ubuntu ubuntu 4096 Aug 31 09:33 .
drwxr-xr-x 7 ubuntu ubuntu 4096 Aug 31 09:17 ..
-rw-rw-r-- 1 ubuntu ubuntu 1009 Aug 31 09:33 hmuna_190831.csr
-rw-rw-r-- 1 ubuntu ubuntu 1743 Aug 31 09:18 hmuna_190831.key
[AWS] ubuntu:~/work20190831$ sudo openssl req -in hmuna_190831.csr -text
Certificate Request:
Data:
Version: 0 (0x0)
Subject: C=JP, ST=Kanagawa, L=Yokohama, O=IT Admin, OU=IT, CN=mail.hmuna.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b1:45:a5:4e:ea:8f:c1:f1:b4:53:36:50:0d:1d:
93:ec:f4:b8:55:5c:d1:0e:de:11:ab:88:53:ad:d6:
2c:28:81:b8:d2:dd:1c:ff:73:d6:93:7d:de:0c:54:
c8:c4:a5:28:0a:83:e1:76:d2:3e:9a:59:1c:72:23:
32:51:10:db:e4:da:97:83:8b:95:d9:c7:7e:d1:f3:
44:fb:a8:d2:c2:7b:0a:b9:ce:4f:16:17:d9:d3:2e:
a7:60:dc:d3:16:2c:8f:a7:55:12:4e:11:ad:9b:ee:
ce:ca:30:db:5c:65:b6:e7:61:73:3b:db:16:f1:27:
17:ab:f8:ec:50:8c:0c:64:f1:a6:20:56:da:88:7d:
33:28:2e:1e:16:eb:44:c4:9f:eb:bd:64:ae:d3:e9:
9f:6d:7b:2f:37:b0:c1:69:22:f4:36:3c:6d:dd:e2:
35:00:d3:6f:a1:b8:8c:c4:d5:1f:c5:4c:d0:db:15:
0e:3f:8b:97:4d:0c:ea:35:9d:c1:90:49:b1:eb:f2:
16:9d:af:66:51:41:85:de:64:20:de:d0:37:dc:5d:
a2:37:cb:14:67:61:6b:31:7c:01:01:8c:c4:b2:f1:
a5:3f:43:c0:c4:d7:83:f9:0e:10:28:2b:e2:be:d2:
0e:89:74:7f:16:b6:12:6b:15:97:23:eb:ac:4f:8e:
32:b9
Exponent: 65537 (0x10001)
*** [[SSLストア:https://www.ssl-store.jp/system/service.php/certificate]] から新規で Positive SSL(2年/2,400円)を購入 [#id1f488c]
- OU を空欄にしないと審査に時間かかる事がある.... と書いてあったが、上記の設定(OU=IT) で申請した
- &ref(【SSLストア】お申込み完了のご案内(cs1-0700584).eml);
- 数分で証明書が発行された -----> &ref(mail_hmuna_com.zip);
**************************************************
証明書番号:cs1-0700584
商品名 :PositiveSSL
年数 :2年
**************************************************
------------------------------------------------------
証明書情報
------------------------------------------------------
証明書番号:cs1-0700584
コモンネーム:mail.hmuna.com
CSR:
-----BEGIN CERTIFICATE REQUEST-----
MIICsTCCAZkCAQAwbDELMAkGA1UEBhMCSlAxETAPBgNVBAgMCEthbmFnYXdhMREw
DwYDVQQHDAhZb2tvaGFtYTERMA8GA1UECgwISVQgQWRtaW4xCzAJBgNVBAsMAklU
MRcwFQYDVQQDDA5tYWlsLmhtdW5hLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALFFpU7qj8HxtFM2UA0dk+z0uFVc0Q7eEauIU63WLCiBuNLdHP9z
1pN93gxUyMSlKAqD4XbSPppZHHIjMlEQ2+Tal4OLldnHftHzRPuo0sJ7CrnOTxYX
2dMup2Dc0xYsj6dVEk4RrZvuzsow21xltudhczvbFvEnF6v47FCMDGTxpiBW2oh9
MyguHhbrRMSf671krtPpn217LzewwWki9DY8bd3iNQDTb6G4jMTVH8VM0NsVDj+L
l00M6jWdwZBJsevyFp2vZlFBhd5kIN7QN9xdojfLFGdhazF8AQGMxLLxpT9DwMTX
g/kOECgr4r7SDol0fxa2EmsVlyPrrE+OMrkCAwEAAaAAMA0GCSqGSIb3DQEBCwUA
A4IBAQApBz5i+iAEC24wJVF4e87FgS1fj1pcY88wtT0R57D8sKPhJa1NbsfYxabZ
ZGD1HejTqFwsFoT/9Ir+J6BtbcRd9FAhQuihqHvD/OAOC8+0mOJdteCxTLHBeHz8
C6GBcnPhlW4zut6DFaQ0UmrQzV41xal1ZQngFYepBgnpmXb8jHs8dcErT6hKx5Da
KX8MSINqKV3AzlkHXOgv8LWE6apqKPR7bqWFszke0xIooLWnuiXC/lHb3Z5dd5YS
Oug91HuQFFxiGAcaD0z1a4yXJCFO+KAivjMJm2dimGbyz9tqpqanntGQr0rxDMKD
932CvxEVTTSwViu63gzGU7U7kRDe
-----END CERTIFICATE REQUEST-----
*** メールサーバー(AWS) に証明書を転送 [#f5595f63]
- ssh を使ったメールサーバー接続
-- ssh -i (秘密鍵) ubuntu@(公開DNS名)
--- 秘密鍵 : &ref(magu-tokyo-messenger.pem);
--- アカウント : ubuntu
--- 接続先 : ec2-13-114-88-171.ap-northeast-1.compute.amazonaws.com
- scp を使って証明書ファイルを AWS サーバーにアップロード
-- scp -i (秘密鍵) (転送ファイル名) ubuntu@(公開DN名)&color(red){:~}; ← 最後のコロン+にょろ が重要
munakata@muna-E450:~/mail_cert_wk$ scp -i magu-tokyo-messenger.pem mail_hmuna_com.zip ubuntu@ec2-13-114-88-171.ap-northeast-1.compute.amazonaws.com:~
mail_hmuna_com.zip 100% 8467 501.1KB/s 00:00
munakata@muna-E450:~/mail_cert_wk$
-- AWS 側にファイルが転送された
[AWS] ubuntu:~$ ls -l
total 40
-rw------- 1 root root 312 Sep 1 2017 dkim.txt
-rw-rw-r-- 1 ubuntu ubuntu 17501 Aug 25 2017 maildb_backup_20170825.sql
-rw-rw-r-- 1 ubuntu ubuntu 8467 Aug 31 10:24 mail_hmuna_com.zip
drwxrwxr-x 2 ubuntu ubuntu 4096 Aug 31 10:26 work20190831
*** 発行された証明書が KEY、CSR と一致するかを確認 ・・・・・ &color(red){当たり前だが、ちゃんと一致}; [#gdf23787]
- module = &color(red){00:b1:45:a5:4e:ea:8f:c1:....};
[AWS] ubuntu:~/work20190831$ openssl x509 -text < mail_hmuna_com.crt
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
87:58:60:51:f4:68:a1:b1:e7:e7:8b:d4:08:1b:1a:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
Validity
Not Before: Aug 31 00:00:00 2019 GMT
Not After : Aug 30 23:59:59 2021 GMT
Subject: OU=Domain Control Validated, CN=mail.hmuna.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b1:45:a5:4e:ea:8f:c1:f1:b4:53:36:50:0d:1d:
93:ec:f4:b8:55:5c:d1:0e:de:11:ab:88:53:ad:d6:
2c:28:81:b8:d2:dd:1c:ff:73:d6:93:7d:de:0c:54:
c8:c4:a5:28:0a:83:e1:76:d2:3e:9a:59:1c:72:23:
32:51:10:db:e4:da:97:83:8b:95:d9:c7:7e:d1:f3:
44:fb:a8:d2:c2:7b:0a:b9:ce:4f:16:17:d9:d3:2e:
a7:60:dc:d3:16:2c:8f:a7:55:12:4e:11:ad:9b:ee:
ce:ca:30:db:5c:65:b6:e7:61:73:3b:db:16:f1:27:
17:ab:f8:ec:50:8c:0c:64:f1:a6:20:56:da:88:7d:
33:28:2e:1e:16:eb:44:c4:9f:eb:bd:64:ae:d3:e9:
9f:6d:7b:2f:37:b0:c1:69:22:f4:36:3c:6d:dd:e2:
35:00:d3:6f:a1:b8:8c:c4:d5:1f:c5:4c:d0:db:15:
0e:3f:8b:97:4d:0c:ea:35:9d:c1:90:49:b1:eb:f2:
16:9d:af:66:51:41:85:de:64:20:de:d0:37:dc:5d:
a2:37:cb:14:67:61:6b:31:7c:01:01:8c:c4:b2:f1:
a5:3f:43:c0:c4:d7:83:f9:0e:10:28:2b:e2:be:d2:
0e:89:74:7f:16:b6:12:6b:15:97:23:eb:ac:4f:8e:
32:b9
Exponent: 65537 (0x10001)
*** 証明書の調整(名前の変更、ワークディレクトリーへのコピー) [#b09b155e]
- zip ファイルを展開
[AWS] ubuntu:~/work20190831$ ls -l
total 24
-rw-rw-rw- 1 ubuntu ubuntu 1521 May 30 2000 AddTrustExternalCARoot.crt
-rw-rw-rw- 1 ubuntu ubuntu 2269 Aug 31 00:00 mail_hmuna_com.crt
-rw-rw-rw- 1 ubuntu ubuntu 2167 Nov 2 2018 SectigoRSADomainValidationSecureServerCA.crt
-rw-rw-rw- 1 ubuntu ubuntu 1956 May 30 2000 USERTrustRSAAddTrustCA.crt
- 中間証明所をマージ
[AWS] ubuntu:~/work20190831$ cat AddTrustExternalCARoot.crt SectigoRSADomainValidationSecureServerCA.crt USERTrustRSAAddTrustCA.crt > mail_hmuna_com.ca-bundle
- ファイル名を変更しながら、証明書置き場に移動
[AWS] ubuntu:~/work20190831$ sudo cp mail_hmuna_com.crt /etc/ssl/official_m4_20190831/mail_hmuna_com.crt
[AWS] ubuntu:~/work20190831$ sudo cp hmuna_190831.key /etc/ssl/official_m4_20190831/mail_hmuna.key
[AWS] ubuntu:~/work20190831$ sudo cp mail_hmuna_com.ca-bundle /etc/ssl/official_m4_20190831/
[AWS] ubuntu:~/work20190831$ sudo cp hmuna_190831.csr /etc/ssl/official_m4_20190831/mail_hmuna_com.csr
- 証明書置き場 (=/etc/ssl/official_m4_20190831)
[AWS] ubuntu:~/work20190831$ ls -la /etc/ssl/official_m4_20190831/
total 28
drwxr-xr-x 2 root root 4096 Aug 31 10:41 .
drwxr-xr-x 7 root root 4096 Aug 31 08:07 ..
-rw-r--r-- 1 root root 5644 Aug 31 10:39 mail_hmuna_com.ca-bundle
-rw-r--r-- 1 root root 2269 Aug 31 10:38 mail_hmuna_com.crt
-rw-r--r-- 1 root root 1009 Aug 31 10:40 mail_hmuna_com.csr
-rw-r--r-- 1 root root 1743 Aug 31 10:39 mail_hmuna.key
*** 証明書の配置 (従来の dovecot.conf の設定を踏襲) [#n8bb085d]
ssl_ca = </etc/apache2/ssl.crt/mail_hmuna_com.ca-bundle <----------------------------
ssl_cert = </etc/ssl/certs/mail_hmuna_com.crt <------------------------------------------
ssl_cipher_list = ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
ssl_dh_parameters_length = 2048
ssl_key = </etc/ssl/private/mail_hmuna.key <---------------------------------------------
ssl_prefer_server_ciphers = yes
[AWS] ubuntu:~/work20190831$ sudo ls -al /etc/apache2/ssl.crt/
total 32
drwxr-xr-x 2 root root 4096 Aug 31 10:52 .
drwxr-xr-x 9 root root 4096 Aug 31 06:24 ..
-rw-r--r-- 1 root root 5644 Aug 31 10:52 mail_hmuna_com.ca-bundle
-rw-r--r-- 1 root root 5644 Jul 27 08:55 mail_hmuna_com.ca-bundle_notworks
-rw-r--r-- 1 ubuntu ubuntu 4103 Aug 26 2017 mail_hmuna_com.ca-bundle_till201908
[AWS] ubuntu:~/work20190831$ sudo ls -la /etc/ssl/certs/mail_hmuna_com.*
-rw-r--r-- 1 root root 2269 Aug 31 10:54 /etc/ssl/certs/mail_hmuna_com.crt
-rw-r--r-- 1 root root 2269 Jul 14 12:11 /etc/ssl/certs/mail_hmuna_com.crt_notworks
-rw-r--r-- 1 ubuntu ubuntu 2327 Aug 26 2017 /etc/ssl/certs/mail_hmuna_com.crt_till201908
[AWS] ubuntu:~/work20190831$ sudo ls -la /etc/ssl/private/
total 24
drwx--x--- 2 root ssl-cert 4096 Aug 31 10:56 .
drwxr-xr-x 7 root root 4096 Aug 31 08:07 ..
-rw------- 1 root root 424 Aug 25 2017 dhparams.pem
-rw------- 1 root root 1743 Aug 31 10:56 mail_hmuna.key
-rw------- 1 root root 1704 Jul 27 08:53 mail_hmuna.key_notworks
-rw------- 1 root root 1679 Aug 26 2017 mail_hmuna.key_till201908
*** メールサーバーの証明書を更新 [#d8bef6b9]
*** postfix ではパスフレーズ付きの KEYファイル(秘密鍵)は扱えない。 パスフレーズを削除する [#ibf5ac81]
[AWS] ubuntu:~/work20190831$ openssl rsa -in hmuna_190831.key -out hmuna_190831_wopass.key
- オリジナルの KEY ファイル(上の2行に 3DES 暗号化されていると記載)
[AWS] ubuntu:~/work20190831$ cat hmuna_190831.key
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,08A385EA24594D48
iZdNp77bkfmhg7yiuFHcWq5OGb0WfCSu1rKXtLfgC7PA0dnRSVGf8j8YPQk8Mst2
aarQkuXPE4IMJ8TI6deKGRAHyF9MI0Ig6UrLSretPSTuJTq+OMLyuVq9pSrpdRja
zI6DcLAPNf7ivqbDhkJOdIGZ9yCZjouhAXP1D9T1XOZq0k/MaYlacvq07aorcSli
V3km2N+r/cl94N4DMErl2dhM2a5O5j8/vGqgrXNOGt9yDgCvimoVKAKQSjRfeguQ
bqW3qVAf5aL5zrPuy4JHpflV9lkUiLeqe36S0emz1tfY7TJscH2f/7vyM/Q4xTmV
vfYVD2NaU2hjZS7r2q9QNN5iM0L+7J1gpmB5D48oB51rP4kjtYHvWhwCfZ/TLcO8
IMkzyButmcYUoZa4mAXXAaxxOij2k3vqxYkZGOj5SiA7Qw+88Gk5rFok/ctFnP5D
5oDNAWuOVxop5ZOL9a/8vQTrCmHoWj6bp1/3ySNVsjejAGacrAEBzqamFg0+7Krz
cqW3oyhBlt5ACtAYBD5plin/3h/iAzfvd0zueyyM5uHCHMXSN0pgfNgWrjSKSDPL
8xruxGXYPyetvQ+yHror6p/xGWGqbunLjocjR0gAonWNggnRTf/ZYhTmv/+RCbdO
8OcHYBC3S1m3u/ifw/jYQZFPv14AHCJt6v+hdpEhABfQcNexJpYHqOtVP1avr3cn
V7aorNLMto07beOxqLxiE6nSxC+5Ko/hHbRv2GfLZJI5vGa/N96KjI2QXRIrH6jw
Yy57MwIc6AtabTV6ButO/hvorRIqyE8E0F4aFwkGpZKvrTKAzc6O0s47jLAWeYBt
nXti9TY8vFPWeY8BbwD1cL64bdZCDAOud56+4EJgmrDkZM9lFuNdpS7wjLqgbVHR
XnhKBt/1g0IHNteW1PBhmr+XhnikklG8fy8UJrz5H7vNeLIfFGOweHF7wVdzD2F9
KiH6nikETh2uKWnQxUNMl9z9t66IZWaS3KhWXHIBMQZZ7uJ6SYQXWi1MdKJNrF0+
2hbM10yEFWA6NIOpSCyrWLL/LBY/DimMxI8abSKdvN6TBpA3Tc+Nq1VChAzazakp
58cGcnn+5yvZDq5hBrCi6QyN7of1n6joHfwJVwSPOVycFWk2TSX/OjwGLHRkEzPM
6Fo+26bjzN7K+VkP+OSe+QZHnE7rvEQUDC53nlWrO8+/zCWQa6dMLaDPbPcasCnM
S2Gyu6bmfbLFogZZQEcsjaUuzO+JGf6wjiftvG0vOt9CnKDDHaXCrIhocLySFb4N
HNYS9PnYLTYH5B8WX1wv5/golZr/cqAFBSWsDOoGUSIAMq5XBjPe85ZcdPQ0NJbt
CEx8LIDJyY5BX87ibWGysKUnLfSLT1Ed0CDKCAKO+RDJ0KvDofWgnC5VAnrgLGKv
WlCESq2WKMbd/c2TuIIfZvsA9DoNhNm/RXeYzWgazg6HxRRcoG17vJ5VAvPlfVD9
yuWXxf23ulrspbeliEzREbhnRNz7Hzyxxol/wWPAxcMrqNwFgjKjZnKc68QL+71f
TYEWAaHbpLbkZwvjMBOI6+0zWYHuYbDms5r6k1PnIUN3r9HTKoRqaA==
-----END RSA PRIVATE KEY-----
- パスフレーズを取った新しい KEY ファイル
[AWS] ubuntu:~/work20190831$ cat hmuna_190831_wopass.key
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAsUWlTuqPwfG0UzZQDR2T7PS4VVzRDt4Rq4hTrdYsKIG40t0c
/3PWk33eDFTIxKUoCoPhdtI+mlkcciMyURDb5NqXg4uV2cd+0fNE+6jSwnsKuc5P
FhfZ0y6nYNzTFiyPp1USThGtm+7OyjDbXGW252FzO9sW8ScXq/jsUIwMZPGmIFba
iH0zKC4eFutExJ/rvWSu0+mfbXsvN7DBaSL0Njxt3eI1ANNvobiMxNUfxUzQ2xUO
P4uXTQzqNZ3BkEmx6/IWna9mUUGF3mQg3tA33F2iN8sUZ2FrMXwBAYzEsvGlP0PA
xNeD+Q4QKCvivtIOiXR/FrYSaxWXI+usT44yuQIDAQABAoIBAC/6InBGSVv7F4vB
0k6KZ8Okw9LOiQIWFgAvqD4PDep0mVnwX+2/Ix7N3O/HboLSFBEsejPXWPwbC/jU
D8Ui4/B/PKxsdcT4GhmmVlAp88iQ1mlNLdhT4i8mnEQ536NLsiFeg9K/NBZUvoC4
UlYibSsYE8DqXb4sj1qKxyJRlPUoghVL9R2FRGUyKYUMf5vh6ZvPkWDsvMsBoQXe
uXObDR5CVdCzm6qHmkDcJcYxryw7RBnCxGXRtR0BAFMPjOsZBU3y2DwycTunydly
n8TtWNBtZiX7H8F7z5S58qi/0deOk9c+9JZE9o373te2iMfgPxmVNHm5e0zZOA4P
s2DXXAUCgYEA33Q7/dDXHQdaq9ofw+wk9mIGtx8JA1080JJ6DoKLYNpPrK7V19pQ
QqNStgwflUNTyn14x3Ig99aA8RiqtaQ3xoyL4TDVHIEP/xIq8m6XOtXGSsV4/gyC
CKInpquGO9Vop4G7wgSSj7bce73iBhc4Wye1x04ePnj2Wa+fJ5c5OysCgYEAyxd1
MWsawB1ancsl/UhJOrKRwDf1CVrI1ytFoeiBItk5/C+P0LbeUu6D/qrcdjr8AfpE
8Ib7Plx+TNpivqNQR3Ee9te4VeC/eAd+SLLbzCxF33G5l0byXRT8oyfKFIslGAo/
AmKMGPLDHHtqSTbvZ6Orx+RViUsCDsYJf8pgh6sCgYEAlZCdXwRcF6gGfqSfQmpb
SzbNu+BgDgpoXErOu8uRMyCs166mn7YWpqPfBs8SjLvl59EX+JdhjcHbyIR0LuRe
GN2V+wLOgie450fnyyFOxCi2cvG+TH1exByVYa/JR19Oj1/8pp6c4ujIp2KvWNhN
9mWb/G1DPRmF+v3cD4ne2sUCgYBweI84TP5FgnwagtSJDi0vypCZCOQ0yAgN0TMA
1UgeynooRRa6GWvKNbj3ohvxhfzmA3mGUtp00LhJS2//72WYCveA8DpvpMWkbVHs
ZNEAo0wW0F5dfrbeAa9fk7t/4Qcr5xC5+2Vms5qF/XsBDOFMXgHV84fDPrzm/Zlp
IeSPfQKBgBdYSFSGqkL7Mi9LyUbTbu7UZShT0167nt6eqfCLqzpMzNFA4HEMnYa4
rjPRb0lip4uOOnCX+rO7bp21ORrwUzjaQ45ICk2nfTKj40jNLZBTGvW7jm/rLTkV
U9RLB87zzrZcgdK4+bXySmJSkJxWdCPRdUqgTZcC53i5AnFftvPW
-----END RSA PRIVATE KEY-----
- パスフレーズを取った KEY ファイルの module 情報を確認
[AWS] ubuntu:~/work20190831$ sudo openssl rsa -in hmuna_190831_wopass.key -text
Private-Key: (2048 bit)
modulus:
00:b1:45:a5:4e:ea:8f:c1:f1:b4:53:36:50:0d:1d:
93:ec:f4:b8:55:5c:d1:0e:de:11:ab:88:53:ad:d6:
2c:28:81:b8:d2:dd:1c:ff:73:d6:93:7d:de:0c:54:
c8:c4:a5:28:0a:83:e1:76:d2:3e:9a:59:1c:72:23:
32:51:10:db:e4:da:97:83:8b:95:d9:c7:7e:d1:f3:
44:fb:a8:d2:c2:7b:0a:b9:ce:4f:16:17:d9:d3:2e:
a7:60:dc:d3:16:2c:8f:a7:55:12:4e:11:ad:9b:ee:
ce:ca:30:db:5c:65:b6:e7:61:73:3b:db:16:f1:27:
17:ab:f8:ec:50:8c:0c:64:f1:a6:20:56:da:88:7d:
33:28:2e:1e:16:eb:44:c4:9f:eb:bd:64:ae:d3:e9:
9f:6d:7b:2f:37:b0:c1:69:22:f4:36:3c:6d:dd:e2:
35:00:d3:6f:a1:b8:8c:c4:d5:1f:c5:4c:d0:db:15:
0e:3f:8b:97:4d:0c:ea:35:9d:c1:90:49:b1:eb:f2:
16:9d:af:66:51:41:85:de:64:20:de:d0:37:dc:5d:
a2:37:cb:14:67:61:6b:31:7c:01:01:8c:c4:b2:f1:
a5:3f:43:c0:c4:d7:83:f9:0e:10:28:2b:e2:be:d2:
0e:89:74:7f:16:b6:12:6b:15:97:23:eb:ac:4f:8e:
32:b9
publicExponent: 65537 (0x10001)
*** postfix / dovecot を再起動して正常に動作する事を確認できた。 [#m643af37]
- 今回利用したファイル ------> &ref(SSL_20190831.tgz);
![[PukiWiki]](image/taikyoku.gif "[PukiWiki]")
