我正在尝试使用我的 Windows CA 颁发 *.internal Web 服务器证书,然后将其导入 PFSense 并与 HAProxy 一起使用。
- 在 CA 上,我已经打开了本地计算机范围内的证书管理器。
- 我导航到
Personal
,Certificates
右键单击,然后Request New Certificate
- 在
Certificate Enrollment
我选择上Active Directory Enrollment Policy
并单击下一步。 - 我选择
Web Server
证书模板并设置以下详细信息:
主题选项卡
Common Name: *.internal
DNS Name: *.internal
私钥选项卡
Make Private Key Exportable
- 然后我点击“注册”。证书出现在我的个人存储中。我导出证书(包含私钥),然后将其导入 PFSense。
- 我配置了 HAProxy,使用证书进行 SSL 卸载。当我浏览网站时,收到以下错误:
我在证书方面缺少什么/做错了什么?这是浏览网站后从浏览器下载的证书:
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgITXwAAAFLqU+W8kyBCaAAAAAAAUjANBgkqhkiG9w0BAQsF
ADBWMRMwEQYKCZImiZPyLGQBGRYDb3JnMRwwGgYKCZImiZPyLGQBGRYMdW5rbm93
bnJlYWxtMSEwHwYDVQQDExh1bmtub3ducmVhbG0tQUxERVJBQU4tQ0EwHhcNMjUw
NDIxMDE1MzU0WhcNMjcwNDIxMDE1MzU0WjAVMRMwEQYDVQQDDAoqLmludGVybmFs
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0EJjEPYpn0SiGf0ww0Sb
mJjZHivy/Jp3XXG7R2aTjM1ppmemLYLwAyDzGTf7kb65IyoTxS9phf4CDgNjHO8L
yo3pShcpJ18OTSKtws/HcZ6aK7cBRcX1uUw3qBi+VVF9HSBSWJeD0W9xvjThnjsM
yjSRhpEz1kiNHLrM8MP7/UYxPLgUgixe3cIMSM3gpHJnavXJAyUQ84qdy3AbAKEd
2Z3TCK5DNcwoKX5t9fhH2HPEK7FPvUr0PMcxzj7qOqP0XnesKvRrIthSr2W80Zwo
hhn/o1Qqm64cI+fLkledUO3DcyeDwpFDZKxVNa55+zZ6FClBQfbPRuGC4XUD7aat
4QIDAQABo4ICnTCCApkwIQYJKwYBBAGCNxQCBBQeEgBXAGUAYgBTAGUAcgB2AGUA
cjATBgNVHSUEDDAKBggrBgEFBQcDATAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0OBBYE
FMFXqU+0hAXEkDgI190PJmbU+FyYMBUGA1UdEQQOMAyCCiouaW50ZXJuYWwwHwYD
VR0jBBgwFoAUXh9BpJsAXE9DJWXlDJC1uE3Mx3kwggEkBgNVHR8EggEbMIIBFzCC
AROgggEPoIIBC4aBxWxkYXA6Ly8vQ049dW5rbm93bnJlYWxtLUFMREVSQUFOLUNB
LENOPWFsZGVyYWFuLENOPUNEUCxDTj1QdWJsaWMlMjBLZXklMjBTZXJ2aWNlcyxD
Tj1TZXJ2aWNlcyxDTj1Db25maWd1cmF0aW9uLERDPXVua25vd25yZWFsbSxEQz1v
cmc/Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlzdD9iYXNlP29iamVjdENsYXNzPWNS
TERpc3RyaWJ1dGlvblBvaW50hkFodHRwOi8vY3JsLmFsZGVyYWFuLnVua25vd25y
ZWFsbS5vcmcvdW5rbm93bnJlYWxtLUFMREVSQUFOLUNBLmNybDCBzwYIKwYBBQUH
AQEEgcIwgb8wgbwGCCsGAQUFBzAChoGvbGRhcDovLy9DTj11bmtub3ducmVhbG0t
QUxERVJBQU4tQ0EsQ049QUlBLENOPVB1YmxpYyUyMEtleSUyMFNlcnZpY2VzLENO
PVNlcnZpY2VzLENOPUNvbmZpZ3VyYXRpb24sREM9dW5rbm93bnJlYWxtLERDPW9y
Zz9jQUNlcnRpZmljYXRlP2Jhc2U/b2JqZWN0Q2xhc3M9Y2VydGlmaWNhdGlvbkF1
dGhvcml0eTANBgkqhkiG9w0BAQsFAAOCAQEAXAUSsAEV0tbjjJenu7RLtDWJcAvv
OlM86V9pQnJOjRovhImWql0Z/zByCtZrr0YmxVnV/Gnb3WWrKV20nHyaTrMXFD41
niiG58wddBTKo4eVP+GtBmosSpbdZQ09wBMI5b7c9IojlXv7Gt0vhxE25lg/Ie95
Ufi4RCnxIN3Af3EMhHIDcVbi87Mwenthf2KUMQbMTGuYkcFKgUJJgKvHFQE/0cij
R1wpiayy0yzYkNClly3IGCtgHiMOv5pDiFJEhVv9W5KlQNN0wGEdTXkbkwfj+ZwM
hSB1zJILyy6Eg+494qlvA0GMIAYEDCUy9h+xM8lp14Z4WV5a9Z8oTwzepQ==
-----END CERTIFICATE-----