ssl连接服务端报错
客户端报错:SSL handshake failed with baidumy:8000: certificate verify failed
服务端报错:SSL handshake failed: sslv3 alert certificate expired
原因:所发的server-cert.pem过期了,需要重新扮发新证书,用openssl发自己的证书,默认有效期1个月。
使用openssl扮发ca证书命令行如下:(有效期36500,100年)
openssl req -x509 -newkey rsa:4096 -days 36500 -nodes -keyout ca-key.pem -out ca-cert.pem -subj "/C=CHINA/ST=Jiangsu/L=nanjing/O=NJ/OU=YJ/CN=YJ/emailAddress=dev@163.com"
openssl req -newkey rsa:4096 -nodes -keyout server-key.pem -out server-req.pem -subj "/C=CHINA/ST=Jiangsu/L=nanjing/O=NJ/OU=YJ/CN=YJ/emailAddress=s1@163.com"
openssl x509 -days 36500 -req -in server-req.pem -CA ca-cert.pem -CAkey ca-key.pem -CAcreateserial -out server-cert.pem
### show the data
openssl x509 -in ca-cert.pem -noout -text
openssl x509 -in server-cert.pem -noout -text
交流QQ号:1175372067
电话:18551717618(同微信)
元几科技.软件3部
迈开步伐去探索
南京元几科技有限公司
元几社区: https://www.cnblogs.com/colin-vio
元几官网: http://www.yuanji.tech
-----------------------------------------------------------------------------