SSL Certificates HOWTO | ||
---|---|---|
ÀÌÀü | 2Àå. ÀÎÁõ¼ °ü¸® |
´Ü¼øÇÏ°Ô ÀÎÁõ ¿ä±¸¼¸¦ »ý¼ºÇؼ ¼¸íÇÏ¸é µÈ´Ù. ±×·¯³ª ¹Ýµå½Ã Common Name (CN)À» »ç¿ëÀÚÀÇ e-mail ÁÖ¼Ò·Î Àû¾î¾ß ÇÑ´Ù.
´ÙÀ½¿¡ test.txt¶ó´Â ¸Þ½ÃÁö¸¦ ÀÎÁõ¼(newcert.pem)¿Í Private Key(newreq.pem)·Î ¼¸íÇÑ´Ù. °á°ú´Â test.msg¿¡ ÀúÀåµÈ´Ù.
openssl smime -sign -in test.tx -text -out test.msg -signer newcert.pem -inkey newreq.pem |
¿ì¼± Outlook¿¡¼ PKCS12 ÇüÅÂÀÇ ÆÄÀÏÀ» ¼öÀÔ(Import)ÇØ¾ß ÇÑ´Ù. PKCS12 ÆÄÀÏÀ» newcert.pem°ú newreq.pemÀ¸·ÎºÎÅÍ »ý¼ºÇϱâ À§Çؼ´Â ¾Æ·¡¿Í °°ÀÌ ¸í·ÉÇÏ¸é µÈ´Ù.
CA.pl -pkcs12 "Franck Martin" (openssl pkcs12 -export -in newcert.pem -inkey newreq.pem -out newcert.p12 -name "Franck Martin") |
ÀÌ ÀÎÁõ¼¿¡´Â Public Key»Ó¸¸ ¾Æ´Ï¶ó Private Keyµµ ÀúÀåµÇ¾î ÀÖ´Ù´Â Á¡À» »ó±âÇØ¾ß ÇÑ´Ù.(¾ÏÈ£¹®µµ ¶Õ¸°´Ù¸é ±×¾ß¸»·Î ³¡ÀåÀÌ´Ù) ÀÌ ÆÄÀÏÀÌ Å¸ÀÎÀÇ ¼Õ¿¡ ³Ñ¾î°¡Áö ¾Êµµ·Ï ÁÖÀÇÇÏÀÚ.
MS Outlook¿¡¼ µµ±¸(Tools), ¿É¼Ç(Options), º¸¾È(Security)ºÎºÐ¿¡ °¡¼ ¼öÀÔ/¼öÃâ(import/export) ¹öưÀ» ´©¸£°í newcert.p12 ÆÄÀÏÀ» ¼öÀÔÇÑ´Ù. ´ÙÀ½¿¡ ÆÐ½º¿öµå¿Í µðÁöÅÐ ID "Franck Martin"¸¦ ÀÔ·ÂÇÑ´Ù. (µðÁöÅÐ ID´Â À§ÀÇ ¿¹¿¡¼ ÀÔ·ÂÇÑ °ÍÀ» ±×´ë·Î ÀÔ·ÂÇÏ¸é µÈ´Ù.) ±×¸®°í OK¸¦ ´©¸£¸é µÈ´Ù.
´ÙÀ½¿¡ ¼³Á¤(Setting) ¹öưÀ» ´©¸£°í MS OutlookÀ¸·Î ÇÏ¿©±Ý ±âº» ¼³Á¤À¸·Î »ç¿ëÇÒ ¼ö ÀÖ°Ô²û New¸¦ Ŭ¸¯ÇÑ´Ù. ±×¸®°í ¸¶Áö¸·À¸·Î ÀÌ ¼³Á¤À» ±âº» ¼³Á¤À¸·Î À¯ÁöÇÏ°í ½ÍÀ¸¸é OK¸¦ ´©¸£¸é µÈ´Ù. ÀÌ·¸°Ô ÇÏ¸é ºñ·Î¼Ò e-mailÀ» º¸³¾ Áغñ°¡ ³¡³ª°Ô µÈ´Ù. ±×¸®°í¸é ´Ù¸¥ »ç¶÷¿¡°Ô ¸ÞÀÏÀ» º¸³»¸é Public Key¿Í ÇÔ²² Àü¼ÛµÇ¾î ±× »ç¶÷Àº ´ç½Å¿¡°Ô e-mailÀ» º¸³¾ ¶§ ¾ÏÈ£ÈÇÒ ¼ö ÀÖ´Ù.
¸¸¾à Á÷Á¢ »ý¼ºÇÑ ·çÆ® ÀÎÁõ ±â°ü¿¡¼ ¼¸íÇÑ ÀÎÁõ¼¶ó¸é ÀÀ¿ë ÇÁ·Î±×·¥¿¡¼ ·çÆ® ÀÎÁõ ±â°üÀ» ½Å¿ëÇÒ ¼ö ¾ø´Ù°í °æ°í°¡ ³ª¿Ã ¼ö ÀÖ´Ù. ·çÆ® ÀÎÁõ ±â°ü ÀÎÁõ¼¸¦ ´Ù¿î·Îµå¹Þ¾Æ¼ ¼³Ä¡Çϸé ÀÌ·¯ÇÑ °æ°í°¡ ³ª¿ÀÁö ¾Ê´Â´Ù. ·çÆ® ÀÎÁõ ±â°ü ÀÎÁõ¼´Â "Root CA Certificate¸¦ Trusted Root Certificate·Î ¼³Ä¡Çϱâ"ºÎºÐÀÇ "ÀÎÅÍ³Ý ÀͽºÇ÷ξî"ºÎºÐÀ» º¸¸é µÈ´Ù.