Ndeewonụ!
Anyị emebela ụlọ ọrụ asambodo nke anyị nke ọma. Olee otú ọ ga-esi baara anyị uru?
Iji ikike asambodo mpaghara, anyị nwere ike ịnye asambodo yana nyochaa mbinye aka na asambodo ndị a.
Mgbe ị na-enye onye ọrụ asambodo, ikike asambodo na-eji arịrịọ asambodo pụrụ iche Pkcs#10, nke nwere usoro faịlụ '.csr'. Arịrịọ a nwere usoro agbakwunyere nke ndị ikike asambodo maara ka esi atụgharị nke ọma. Arịrịọ ahụ nwere ma igodo ọha nke onye ọrụ yana data maka imepụta asambodo (usoro mmekọ nwere data gbasara onye ọrụ).
Anyị ga-eleba anya ka esi enweta arịrịọ maka asambodo n'isiokwu na-esote, na n'isiokwu a, achọrọ m ịnye isi iwu nke ikike ikike nke ga-enyere anyị aka ịrụzu ọrụ anyị n'akụkụ azụ.
Yabụ na anyị ga-ebu ụzọ mepụta asambodo. Iji mee nke a, anyị na-eji iwu:
openssl ca -batch -in user.csr -out user.crt
ca bụ openSSL iwu nke metụtara ikike asambodo,
-batch - na-akagbu arịrịọ nkwenye mgbe ị na-emepụta asambodo.
user.csr - rịọ ka ịmepụta akwụkwọ (faịlụ na usoro .csr).
user.crt - akwụkwọ (nsonaazụ nke iwu).
Ka iwu a wee rụọ ọrụ, ikike asambodo ga-ahazirịrị ka akọwara ya . Ma ọ bụghị ya, ị ga-ezipụtakwa ọnọdụ nke akwụkwọ ikike asambodo.
Iwu nkwenye asambodo:
openssl cms -verify -in authenticate.cms -inform PEM -CAfile /Users/……/demoCA/ca.crt -out data.filecms bụ oghe SSL iwu nke a na-eji maka ịbịanye aka, nyochaa, ezoro ezo data na ọrụ nzuzo ndị ọzọ site na iji openSSL.
-verify - na nke a, anyị na-enyocha asambodo.
authenticate.cms - faịlụ nwere data bịanyere aka na asambodo nke enyere iwu gara aga.
-ịkọ PEM - A na-eji usoro PEM.
-CAfile /Users/…/demoCA/ca.crt - ụzọ na akwụkwọ mgbọrọgwụ. (na-enweghị nke a iwu ahụ arụghị m ọrụ, ọ bụ ezie na e dere ụzọ ca.crt na faịlụ openssl.cfg)
-out data.file - M na-eziga data ezoro ezo na faịlụ faịlụ.file.
Algọridim maka iji ikike asambodo n'akụkụ azụ bụ nke a:
- Ndebanye aha onye ọrụ:
- Anyị na-enweta arịrịọ ka imepụta asambodo wee chekwaa ya na faịlụ user.csr.
- Anyị na-echekwa iwu mbụ nke akụkọ a na faịlụ nwere ndọtị .bat ma ọ bụ .cmd. Anyị na-agba ọsọ faịlụ a site na koodu, na-echekwabu arịrịọ maka imepụta asambodo na faịlụ user.csr. Anyị na-enweta faịlụ na asambodo user.crt.
- Anyị na-agụ faịlụ user.crt wee zigara onye ahịa ya.
- Ikike onye ọrụ:
- Anyị na-enweta data mbinye aka n'aka onye ahịa wee chekwaa ya na faịlụ authenticate.cms.
- Chekwaa iwu nke abụọ nke edemede a na faịlụ nwere ndọtị .bat ma ọ bụ .cmd. Anyị na-eme faịlụ a site na koodu ahụ, ebe echekwara data mbinye aka na mbụ na ihe nkesa na authenticate.cms. Anyị na-enweta faịlụ nwere data data ezoro ezo.file.
- Anyị na-agụ data.file wee lelee data a maka ịdị irè. Akọwara kpọmkwem ihe a ga-enyocha . Ọ bụrụ na data ahụ dị irè, mgbe ahụ, a na-ahụta ikike onye ọrụ nke ọma.
Iji mejuputa algọridim ndị a, ị nwere ike iji asụsụ mmemme ọ bụla ejiri dee azụ azụ.
N'isiokwu na-esonụ, anyị ga-eleba anya ka esi arụ ọrụ na ngwa mgbakwunye Retoken.
Gwa anyị ihe ị ga-eme!
isi: www.habr.com