时隔一年多我再次接触并且申请Buypass的免费证书,这一切的一切都是因为我当前所使用的广电网络无法访问我为了不再折腾通配符SSL而托管在Cloudflare的一个域名无法访问但是却能使用手机网络访问的问题。后面指定IP回源是能访问到却难以忍受浏览器提示不安全的证书而直接在源站使用一个受信任的证书。
由于已经有一次签发记录这次就轻车熟路了,刚开始我想着签发测试的通配符证书方便其他源站也使用,那料确实是测试环境使用其根不受信任只能再换回生产环境的单域名了。
本次使用自定义CSR来签发ECC的证书默认自动签发的是RSA,不使用支持通配符的Let’s Encrypt是不想麻烦。水这篇文章是为了记录Buypass Root certificates方便下次使用。
Issuing (Buypass Class 2 CA 5) (PEM)(有效期:2017-5-23——2027-5-23)
-----BEGIN CERTIFICATE----- MIIGFjCCA/6gAwIBAgIJMvoIN2vyPCATMA0GCSqGSIb3DQEBCwUAME4xCzAJBgNV BAYTAk5PMR0wGwYDVQQKDBRCdXlwYXNzIEFTLTk4MzE2MzMyNzEgMB4GA1UEAwwX QnV5cGFzcyBDbGFzcyAyIFJvb3QgQ0EwHhcNMTcwNTIzMTI1NzM4WhcNMjcwNTIz MTI1NzM4WjBLMQswCQYDVQQGEwJOTzEdMBsGA1UECgwUQnV5cGFzcyBBUy05ODMx NjMzMjcxHTAbBgNVBAMMFEJ1eXBhc3MgQ2xhc3MgMiBDQSA1MIICIjANBgkqhkiG 9w0BAQEFAAOCAg8AMIICCgKCAgEAu5hBKP7+r8dtoZT14U1OKtTBSzI+U3nUC4p5 ht3kD/DR9hWPB6/2Kljii7Ft4AXTSxS30YGwBpqEtIHzxjfgf/fuTb/eBx5wWhxz v0RWosEhUwyQqYX0lVEqHruRV6rjlkvtNYkhdEU2kmQs6j4T66p8AbgZLZSq42k+ lEU3hGQ8NpDiKSvxX5aVorxsRel98AP0VaRVMZfeMYI5DkTcfWkTMrD+dDqGejOB S3V1+EstPV1Auf85LiUo0jbwy1ZOppVFftUczMyBwOENOrUwfjDyQnQrn4qhq+TD qAMua2/2+gX0jHZ/wwdP4mhSPjmlpNejMmzXbykDu74BJqWfBvz9fpG6C344M0Hv WZ4QLOTP5dKwMVTGF6S/QK3jJb8SdB0cDMCzsLBagC/F56+cLMntOXsv4DOvD3HG rmrEZKsjJB+0XWIVwdPif4ItQm6MJZq4rGkPymaKsaKAes7OpFflFj7ruQIuc380 l7c98uVpIuszMTak3L8CaPN6nrpmIUGAaOT1fDdfANKnb5vVosSr6W/ETkF8gFsP Ljy09wzrUKH/Gnk7EdoBNwdy5zwP8z1F99j8QUjVVQwckBO/YsgJI6MOXoHqeHS3 LVT18dZ66FJLYZTIXZQTtLDo3eQ6eL+vSNnakxMjO4nH90BQGy6l0CRPCIi0+a0A 8HaUbA8CAwEAAaOB+TCB9jAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFMmA d+BikoL1RpzzuvdMw964o605MB0GA1UdDgQWBBQnUqRvLSqrQJOQ7NZpy/58YTt8 QjAOBgNVHQ8BAf8EBAMCAQYwHwYDVR0gBBgwFjAKBghghEIBGgECBzAIBgZngQwB AgEwPQYDVR0fBDYwNDAyoDCgLoYsaHR0cDovL2NybC5idXlwYXNzLm5vL2NybC9C UENsYXNzMlJvb3RDQS5jcmwwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdo dHRwOi8vb2NzcC5idXlwYXNzLmNvbTANBgkqhkiG9w0BAQsFAAOCAgEAvrrbRl50 56kq5vOKuWUcazLEHuJlVyjr1QBpLoq1dZNjpmIFLjOmG7LLMv83Hs2d5Ww0H6Sg NlloNjp9JYo5PCruL+djEb5Ct787d0dD+sQ9wkEQNK/fgQ6hqef4Z/lYxmtNqCyR xxuK8LcgvMG5D3W9CLZYIqCyGgKZqAE0FtWyinPTzCdvxzCMRZz2dYJLN+2nejMs z1+FswjSnOyva0XegBZnjhrHNI3ZyB7nPILephet0AiYyXpXUuEvBXa6qVkeK8mf 6uGgq+zTXqK52cKu2woOa9TV2/oyC1DzVNoZbfOgJ0Geh2TWeJn8rL+W4VrvxT6K w2+lk/YeyXgFd6km3FgEQk4pRnzuV3OtDErdQRW2lssR3gl9u2DF9IJYbzoRiVvy 7wTHuchTygpG8n/K9ajaWDdEL7+jSvPjU5+HBcHwgcxDSYF3QSLNIsOaBS5O1Hob 440ryhvw5lGgzqkVsToXJCaaSziOmqbzzNPHgQ0HM+vzvDTzC0Z6ikF0LGjkPSML a4qKpyJzIjLOjqPVnI51920yg/zZuN5nz1lQcH+0q7GVeoRaHE2iFyJnHXR+Ljl9 2SHWMrw1jbhk7D5/u1XmtsS0r1oeHgbF7zi7ESOVLFs2Zcm5kewkPDljznSJTE94 1YS4d5yABnRwkq6PSaKEvBRshdl84c/Fd7Y= -----END CERTIFICATE-----
在Android 4.2.2的默认浏览器上由于根证书过期了需要下载安装新的根证书来使其不标红(但这不是每个老设备的用户都会下载。。。)
在写这篇文章时发现当前使用的广电网络能访问了难道我白费功夫了???我还不看内容就直接Y(yes)提交邮箱和订阅了。。。
延伸阅读:
免费SSL证书:Buypass Go SSL
https://www.cyzwb.com/2019/01/185.html
参考:
Buypass Root certificates
https://www.buypass.com/security/buypass-root-certificates
https://api.buypass.com/acme/terms/750
Root (Buypass Class 2 Root CA)
http://crt.buypass.no/crt/BPClass2Rot.cer
Issuing (Buypass Class 2 CA 5)
http://crt.buypass.no/crt/BPClass2CA5.cer
Issuing (Buypass Class 2 CA 5) (PEM)
http://crt.buypass.no/crt/BPClass2CA5.pem
Certificate chain (PEM)
http://crt.buypass.no/crt/BPClass2CA5Bundle.pem
ChiuYut
2020年4月11日