MySQL OpenSSL - 0 深度查找时出现错误 18:自签名证书
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/19726138/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
OpenSSL - error 18 at 0 depth lookup:self signed certificate
提问by Sathish
I was trying to create a SSL certificate to use with MySQL as like mentioned here : http://dev.mysql.com/doc/refman/5.5/en/creating-ssl-certs.html
我试图像这里提到的那样创建一个与 MySQL 一起使用的 SSL 证书:http: //dev.mysql.com/doc/refman/5.5/en/creating-ssl-certs.html
While verifying the certificates I got the following error
在验证证书时,我收到以下错误
# openssl verify -CAfile ca-cert.pem server-cert.pem client-cert.pem
server-cert.pem: C = IN, ST = KERALA, L = COCHIN, O = ABCD, OU = OPERATIONAL, CN = SATHISH, emailAddress = [email protected]
error 18 at 0 depth lookup:self signed certificate
OK
client-cert.pem: C = IN, ST = KERALA, L = COCHIN, O = ABCD, OU = OPERATIONAL, CN = sathish, emailAddress = [email protected]
error 18 at 0 depth lookup:self signed certificate
OK
Could someone help me on generating keys without any errors based on the document in the above link.
有人可以帮助我根据上述链接中的文档生成没有任何错误的密钥。
回答by gtrig
I think you missed this part of the instructions:
我想你错过了这部分说明:
Whatever method you use to generate the certificate and key files, the Common Name value used for the server and client certificates/keys must each differ from the Common Name value used for the CA certificate. Otherwise, the certificate and key files will not work for servers compiled using OpenSSL.
无论您使用何种方法生成证书和密钥文件,用于服务器和客户端证书/密钥的公用名值都必须与用于 CA 证书的公用名值不同。否则,证书和密钥文件将不适用于使用 OpenSSL 编译的服务器。
When OpenSSL prompts you for the Common Name for each certificate, use different names.
当 OpenSSL 提示您输入每个证书的通用名称时,请使用不同的名称。
