1. 生成ca.
openssl genrsa -out CA_neonone.workspace.key 2048 openssl req -x509 -new -nodes -key CA_neonone.workspace.key -sha256 -days 1024 -out CA_neonone.workspace.pem
2. 生成证书
openssl genrsa -out neonone.workspace.key 2048 openssl req -new -key neonone.workspace.key -out neonone.workspace.csr openssl x509 -req -in neonone.workspace.csr -CA CA_neonone.workspace.pem -CAkey CA_neonone.workspace.key -CAcreateserial -out neonone.workspace.crt -days 365 -sha256
3. 验证
openssl verify -CAfile CA_neonone.workspace.pem neonone.workspace.crt
4. 导入根证书
5. 在windows 客户端导入客户端证书
cmd-certmgr.msc-个人-导入