HomeServer24
をテンプレートにして作成
[
トップ
] [
新規
|
一覧
|
検索
|
最終更新
|
ヘルプ
]
開始行:
#contents();
*** 証明書の購入 [#x7eb2e10]
- [[namecheap:https://www.namecheap.com/]] から引き続き購...
-- user = wikihmuna
-- pass = frex7785
- 今回はまた5年分の購入が可能だった。
-- 但し証明書自体は3年間有効で期限切れ前に無償で追加2年分...
To give you the best price and comply with security stan...
and more should be reissued in 2 years to avoid service ...
We'll send you an email reminder when it's time.
- 購入履歴 ----> &ref(Order# 58826365.eml);
Order Date: Jul 3, 2020 12:38:25 AM
Order Number: 58826365
Transaction ID: 67193984
User Name: wikihmuna
Final Cost: $24.40
- &color(red){SSL ID = 10352885};
*** 証明書発行に必要な CSR (=Certificate Signing Request)...
- /etc/ssl/official5 を作成
- 従来は wiki.hmuna.com として CSR を作成していたが Apach...
-- 過去履歴を再確認したところ、CSR作成時(次ステップ)で...
- private key の作成
-- 生成コマンド = sudo openssl genrsa -des3 -out kgb.hmun...
-- パスフレーズ(今回変更) = &color(red){nanamochamagu};
munakata@mvc:/etc/ssl/official5$ sudo openssl genrsa -de...
Generating RSA private key, 2048 bit long modulus (2 pri...
.............+++++
...........................................................
e is 65537 (0x010001)
Enter pass phrase for kgb.hmuna.com.privatekey:
Verifying - Enter pass phrase for kgb.hmuna.com.privatek...
munakata@mvc:/etc/ssl/official5$ ls -al
合計 12
drwxr-xr-x 2 root root 4096 7月 4 09:57 .
drwxr-xr-x 11 root root 4096 7月 4 09:47 ..
-rw------- 1 root root 1743 7月 4 09:57 kgb.hmuna.com...
-- &ref(kgb.hmuna.com.privatekey);
- CSR の作成
-- 生成コマンド = sudo openssl req -new -key kgb.hmuna.co...
-- 入力パラメータ
munakata@mvc:/etc/ssl/official5$ sudo openssl req -new -...
Enter pass phrase for kgb.hmuna.com.privatekey:
You are about to be asked to enter information that will...
into your certificate request.
What you are about to enter is what is called a Distingu...
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:JP
State or Province Name (full name) [Some-State]:Kanagawa
Locality Name (eg, city) []:Yokohama
Organization Name (eg, company) [Internet Widgits Pty Lt...
Organizational Unit Name (eg, section) []:IT
Common Name (e.g. server FQDN or YOUR name) []:kgb.hmuna...
Email Address []:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
munakata@mvc:/etc/ssl/official5$ ls -la
合計 16
drwxr-xr-x 2 root root 4096 7月 4 10:09 .
drwxr-xr-x 11 root root 4096 7月 4 09:47 ..
-rw------- 1 root root 1743 7月 4 09:57 kgb.hmuna.com...
-rw-r--r-- 1 root root 1009 7月 4 10:09 kgbhmunaCSR.csr
-- &ref(kgbhmunaCSR.csr);
munakata@mvc:/etc/ssl/official5$ cat kgbhmunaCSR.csr
-----BEGIN CERTIFICATE REQUEST-----
MIICsDCCAZgCAQAwazELMAkGA1UEBhMCSlAxETAPBgNVBAgMCEthbmFn...
DwYDVQQHDAhZb2tvaGFtYTERMA8GA1UECgwISVQgYWRtaW4xCzAJBgNV...
MRYwFAYDVQQDDA1rZ2IuaG11bmEuY29tMIIBIjANBgkqhkiG9w0BAQEF...
MIIBCgKCAQEApQLJ76TOOn+RuDWcp8e6wNbYeNRwgX34gKXIEICnPMU6...
0tEDx6ONmSOQdYVpp5J/YdMEVSnDF/DBwfWR1UBVPd3lJtrjUDiJU//3...
4e9EqDfCLpwkhUP6lmHFyzgl4TqZ8Qfl8AS1dV2DCIYZUozmBJ4CS3ww...
cTsk6wI0H6XmopWeXoJHMmG90g/hNEqlK762lx7CEvHZXcKdkObFD9TA...
tFpAXp+zRWSsScaRTtogeDPhrLtniHHKajUNTKPBL/UF+yRomgdzAsut...
pdDcvHYOP9fkgBTz5K1KXP8AgngUJNiHCwIDAQABoAAwDQYJKoZIhvcN...
ggEBACN+J4sADFB5Fv9hKdgAedkuIvkW3Zlrd3FMfC4XMzIGgxrHOBwG...
8Q25RbLlgrqecnYctflOoq5tB6NvRvcDAyLTXYxGV/BtbYqFbIEdQUY8...
Th3zDTMbyrQrlWvr5H4HSj6KO11ZiXLVkQEhZzQ+Pwbvp+L4gWy71i8/...
XsSCl8f+ECOFISWU+gSFI4h4Av8M+0Nm4Yg3qzbpfJ+x7IBy5RsCVfiL...
7vGNqhfLFOBLE0oTIBq52MFwxga/5aaIxJfZ16n9dZVVFYnzf1X6xBjr...
tmxbjeBoCX7BN6tBj54sTr5vcHI=
-----END CERTIFICATE REQUEST-----
*** メール転送の確認 [#wd1822f0]
- https://mail.hmuna.com/postfixadmin/ にアクセス(vmailb...
-- user = mail-admin
-- pass = admin7785
*** Namecheap に CSR を送って SSL 証明書を発行依頼 [#sb7b...
- サーバー実在証明は postmaster@hmuna.com 宛てを指定
-- &color(red){実際には postmaster@hmuna.com は mail-admi...
- 証明書は mail-admin@hmuna.com あてに送付させる
&ref(in_progress.JPG);
- 証明書発行メール => &ref(ORDER #367061647 - Your Positi...
- ロゴ 発行メール => &ref(ORDER #367061647 - Your COMODO...
- 証明書 (Jul 4, 2020 - &color(red){Nov 6, 2022};) => &re...
*** サーバー(kgb.hmuna.com を実行する apache2) へのインス...
- 上記の zip ファイルを /etc.ssl/official5 以下にコピーし...
munakata@mvc:/etc/ssl/official5$ ls -l
合計 28
-rw------- 1 root root 1743 7月 4 09:57 kgb.hmuna.com....
-rw-rw-rw- 1 root root 4135 3月 12 2019 kgb_hmuna_com....
-rw-rw-rw- 1 root root 2378 7月 4 00:00 kgb_hmuna_com....
-rwxrw---- 1 root root 6767 7月 4 10:58 kgb_hmuna_com....
-rw-r--r-- 1 root root 1009 7月 4 10:09 kgbhmunaCSR.csr
- /etc/apache2/site-available/kgb.hmuna.com を編集
142 >---# Server Certificate:↲
143 >---#SSLCertificateFile /etc/ssl/official/wikih...
144 >---#SSLCertificateFile /etc/ssl/official2/wiki...
145 >---#SSLCertificateFile /etc/ssl/official2/kgb_...
146 >---#SSLCertificateFile /etc/ssl/official3/kgb_...
147 >---#SSLCertificateFile /etc/ssl/official4/kgb...
148 >---SSLCertificateFile /etc/ssl/officiali5/kgb...
149 ↲
150 >---# Server Private Key:↲
151 >---#SSLCertificateKeyFile /etc/ssl/official/wikih...
152 >---#SSLCertificateKeyFile /etc/ssl/official2/wiki...
153 >---#SSLCertificateKeyFile /etc/ssl/official2/kgb....
154 >---#SSLCertificateKeyFile /etc/ssl/official3/kgb2...
155 >---#SSLCertificateKeyFile /etc/ssl/official4/wik...
156 >---SSLCertificateKeyFile /etc/ssl/official5/kgb....
157 ↲
158 >---# Server Certificate Chain:↲
159 >---#SSLCertificateChainFile /etc/ssl/official/Rapid...
160 >---#SSLCertificateChainFile /etc/ssl/official2/GeoT...
161 >---#SSLCertificateChainFile /etc/ssl/official2/COMO...
162 >---#SSLCertificateChainFile /etc/ssl/official2/COMO...
163 >---#SSLCertificateChainFile /etc/ssl/official3/kgb_...
164 >---# Apache 2.4.8 以降 SSLCertificateChainFile は無...
165 >---#SSLCertificateChainFile /etc/ssl/official4/kgb...
*** パスフレーズを Apache2 起動するたびに毎回聞かれないよ...
- key ファイル(wiki.hmuna.com.privatekey)をバックアップ
- パスフレーズを取り除いたキーを作成
sudo openssl rsa -in wiki.hmuna.com.privatekey -out wiki...
Enter pass phrase for wiki.hmuna.com.privatekey: <--- こ...
writing RSA key
終了行:
#contents();
*** 証明書の購入 [#x7eb2e10]
- [[namecheap:https://www.namecheap.com/]] から引き続き購...
-- user = wikihmuna
-- pass = frex7785
- 今回はまた5年分の購入が可能だった。
-- 但し証明書自体は3年間有効で期限切れ前に無償で追加2年分...
To give you the best price and comply with security stan...
and more should be reissued in 2 years to avoid service ...
We'll send you an email reminder when it's time.
- 購入履歴 ----> &ref(Order# 58826365.eml);
Order Date: Jul 3, 2020 12:38:25 AM
Order Number: 58826365
Transaction ID: 67193984
User Name: wikihmuna
Final Cost: $24.40
- &color(red){SSL ID = 10352885};
*** 証明書発行に必要な CSR (=Certificate Signing Request)...
- /etc/ssl/official5 を作成
- 従来は wiki.hmuna.com として CSR を作成していたが Apach...
-- 過去履歴を再確認したところ、CSR作成時(次ステップ)で...
- private key の作成
-- 生成コマンド = sudo openssl genrsa -des3 -out kgb.hmun...
-- パスフレーズ(今回変更) = &color(red){nanamochamagu};
munakata@mvc:/etc/ssl/official5$ sudo openssl genrsa -de...
Generating RSA private key, 2048 bit long modulus (2 pri...
.............+++++
...........................................................
e is 65537 (0x010001)
Enter pass phrase for kgb.hmuna.com.privatekey:
Verifying - Enter pass phrase for kgb.hmuna.com.privatek...
munakata@mvc:/etc/ssl/official5$ ls -al
合計 12
drwxr-xr-x 2 root root 4096 7月 4 09:57 .
drwxr-xr-x 11 root root 4096 7月 4 09:47 ..
-rw------- 1 root root 1743 7月 4 09:57 kgb.hmuna.com...
-- &ref(kgb.hmuna.com.privatekey);
- CSR の作成
-- 生成コマンド = sudo openssl req -new -key kgb.hmuna.co...
-- 入力パラメータ
munakata@mvc:/etc/ssl/official5$ sudo openssl req -new -...
Enter pass phrase for kgb.hmuna.com.privatekey:
You are about to be asked to enter information that will...
into your certificate request.
What you are about to enter is what is called a Distingu...
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:JP
State or Province Name (full name) [Some-State]:Kanagawa
Locality Name (eg, city) []:Yokohama
Organization Name (eg, company) [Internet Widgits Pty Lt...
Organizational Unit Name (eg, section) []:IT
Common Name (e.g. server FQDN or YOUR name) []:kgb.hmuna...
Email Address []:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
munakata@mvc:/etc/ssl/official5$ ls -la
合計 16
drwxr-xr-x 2 root root 4096 7月 4 10:09 .
drwxr-xr-x 11 root root 4096 7月 4 09:47 ..
-rw------- 1 root root 1743 7月 4 09:57 kgb.hmuna.com...
-rw-r--r-- 1 root root 1009 7月 4 10:09 kgbhmunaCSR.csr
-- &ref(kgbhmunaCSR.csr);
munakata@mvc:/etc/ssl/official5$ cat kgbhmunaCSR.csr
-----BEGIN CERTIFICATE REQUEST-----
MIICsDCCAZgCAQAwazELMAkGA1UEBhMCSlAxETAPBgNVBAgMCEthbmFn...
DwYDVQQHDAhZb2tvaGFtYTERMA8GA1UECgwISVQgYWRtaW4xCzAJBgNV...
MRYwFAYDVQQDDA1rZ2IuaG11bmEuY29tMIIBIjANBgkqhkiG9w0BAQEF...
MIIBCgKCAQEApQLJ76TOOn+RuDWcp8e6wNbYeNRwgX34gKXIEICnPMU6...
0tEDx6ONmSOQdYVpp5J/YdMEVSnDF/DBwfWR1UBVPd3lJtrjUDiJU//3...
4e9EqDfCLpwkhUP6lmHFyzgl4TqZ8Qfl8AS1dV2DCIYZUozmBJ4CS3ww...
cTsk6wI0H6XmopWeXoJHMmG90g/hNEqlK762lx7CEvHZXcKdkObFD9TA...
tFpAXp+zRWSsScaRTtogeDPhrLtniHHKajUNTKPBL/UF+yRomgdzAsut...
pdDcvHYOP9fkgBTz5K1KXP8AgngUJNiHCwIDAQABoAAwDQYJKoZIhvcN...
ggEBACN+J4sADFB5Fv9hKdgAedkuIvkW3Zlrd3FMfC4XMzIGgxrHOBwG...
8Q25RbLlgrqecnYctflOoq5tB6NvRvcDAyLTXYxGV/BtbYqFbIEdQUY8...
Th3zDTMbyrQrlWvr5H4HSj6KO11ZiXLVkQEhZzQ+Pwbvp+L4gWy71i8/...
XsSCl8f+ECOFISWU+gSFI4h4Av8M+0Nm4Yg3qzbpfJ+x7IBy5RsCVfiL...
7vGNqhfLFOBLE0oTIBq52MFwxga/5aaIxJfZ16n9dZVVFYnzf1X6xBjr...
tmxbjeBoCX7BN6tBj54sTr5vcHI=
-----END CERTIFICATE REQUEST-----
*** メール転送の確認 [#wd1822f0]
- https://mail.hmuna.com/postfixadmin/ にアクセス(vmailb...
-- user = mail-admin
-- pass = admin7785
*** Namecheap に CSR を送って SSL 証明書を発行依頼 [#sb7b...
- サーバー実在証明は postmaster@hmuna.com 宛てを指定
-- &color(red){実際には postmaster@hmuna.com は mail-admi...
- 証明書は mail-admin@hmuna.com あてに送付させる
&ref(in_progress.JPG);
- 証明書発行メール => &ref(ORDER #367061647 - Your Positi...
- ロゴ 発行メール => &ref(ORDER #367061647 - Your COMODO...
- 証明書 (Jul 4, 2020 - &color(red){Nov 6, 2022};) => &re...
*** サーバー(kgb.hmuna.com を実行する apache2) へのインス...
- 上記の zip ファイルを /etc.ssl/official5 以下にコピーし...
munakata@mvc:/etc/ssl/official5$ ls -l
合計 28
-rw------- 1 root root 1743 7月 4 09:57 kgb.hmuna.com....
-rw-rw-rw- 1 root root 4135 3月 12 2019 kgb_hmuna_com....
-rw-rw-rw- 1 root root 2378 7月 4 00:00 kgb_hmuna_com....
-rwxrw---- 1 root root 6767 7月 4 10:58 kgb_hmuna_com....
-rw-r--r-- 1 root root 1009 7月 4 10:09 kgbhmunaCSR.csr
- /etc/apache2/site-available/kgb.hmuna.com を編集
142 >---# Server Certificate:↲
143 >---#SSLCertificateFile /etc/ssl/official/wikih...
144 >---#SSLCertificateFile /etc/ssl/official2/wiki...
145 >---#SSLCertificateFile /etc/ssl/official2/kgb_...
146 >---#SSLCertificateFile /etc/ssl/official3/kgb_...
147 >---#SSLCertificateFile /etc/ssl/official4/kgb...
148 >---SSLCertificateFile /etc/ssl/officiali5/kgb...
149 ↲
150 >---# Server Private Key:↲
151 >---#SSLCertificateKeyFile /etc/ssl/official/wikih...
152 >---#SSLCertificateKeyFile /etc/ssl/official2/wiki...
153 >---#SSLCertificateKeyFile /etc/ssl/official2/kgb....
154 >---#SSLCertificateKeyFile /etc/ssl/official3/kgb2...
155 >---#SSLCertificateKeyFile /etc/ssl/official4/wik...
156 >---SSLCertificateKeyFile /etc/ssl/official5/kgb....
157 ↲
158 >---# Server Certificate Chain:↲
159 >---#SSLCertificateChainFile /etc/ssl/official/Rapid...
160 >---#SSLCertificateChainFile /etc/ssl/official2/GeoT...
161 >---#SSLCertificateChainFile /etc/ssl/official2/COMO...
162 >---#SSLCertificateChainFile /etc/ssl/official2/COMO...
163 >---#SSLCertificateChainFile /etc/ssl/official3/kgb_...
164 >---# Apache 2.4.8 以降 SSLCertificateChainFile は無...
165 >---#SSLCertificateChainFile /etc/ssl/official4/kgb...
*** パスフレーズを Apache2 起動するたびに毎回聞かれないよ...
- key ファイル(wiki.hmuna.com.privatekey)をバックアップ
- パスフレーズを取り除いたキーを作成
sudo openssl rsa -in wiki.hmuna.com.privatekey -out wiki...
Enter pass phrase for wiki.hmuna.com.privatekey: <--- こ...
writing RSA key
ページ名:
![[PukiWiki]](image/taikyoku.gif "[PukiWiki]")
