实验环境
| hostname | ip |
| bjcy-62 | 172.16.0.62 |
| bjcy-81 | 172.16.0.81 |
| bjcy-82 | 172.16.0.82 |
创建证书
证书服务器搭建:
创建根证书的config配置文件
文件路径: /opt/certs/ca-config.json
{ "signing": { "default": { "expiry": "175200h" }, "profiles": { "server": { "expiry": "175200h", "usages": [ "signing", "key encipherment", "server auth" ] }, "client": { "expiry": "175200h", "usages": [ "signing", "key encipherment", "client auth" ] }, "peer": { "expiry": "175200h", "usages": [ "signing", "key encipherment", "server auth", "client auth" ] } } } }