请教一个HTTPS自签问题

共计 11887 个字符，预计需要花费 30 分钟才能阅读完成。

想折腾一个自签的 HTTPS，IOS 上安装了 CA 证书访问依然爆错，我感觉没有设置错误啊。




my-openssl.cnf 文件如下
[ca]
default_ca = CA_default
[CA_default]
x509_extensions = usr_cert
[req]
default_bits = 2048
default_md = sha256
default_keyfile = privkey.pem
distinguished_name= req_distinguished_name
attributes = req_attributes
x509_extensions = v3_ca
string_mask = utf8only
[req_distinguished_name]
[req_attributes]
[usr_cert]
basicConstraints = CA:FALSE
nsComment = "OpenSSL Generated Certificate"
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid,issuer
[v3_ca]
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer
basicConstraints = CA:true 复制代码
CA 签名指令：
openssl genrsa -out ca.key 2048
openssl req -x509 -new -nodes -key ca.key -subj "/CN=example.ca.com" -days 5000 -out ca.crt 复制代码
证书签名指令：
openssl genrsa -out ca.key 4096
openssl req -x509 -new -nodes -key ca.key -subj "/CN=ca.qingmuhy.com" -days 36500 -out ca.crt
openssl genrsa -out server.key 4096
openssl req -new -sha512 -key server.key
-subj "/CN=webdav.qingmuhy.com"
-reqexts SAN
-config <(cat my-openssl.cnf <(printf "n[SAN]nsubjectAltName=DNS:webdav.qingmuhy.com"))
-out server.csr
openssl x509 -req -days 36500
-in ios.csr -CA ca.crt -CAkey ca.key -CAcreateserial
-extfile <(printf "subjectAltName=DNS:webdav.qingmuhy.com")
-out server.crt 复制代码
相关的文件放在附件里了，因为后面我还要再重新弄，所以发也没啥问题，请懂得 MJJ 能帮忙指点一下，看了好几个 HTTPS 原理视频了，总找不到问题所在。
最后不管你知不知道问题在哪，感谢你看到这里。自签名.rar 昨天 15:18 上传点击文件名下载附件 5.36 KB, 下载次数: 0

这个问题很简单，看头像

还真是贫穷问题，买不起一年的 SSL 用在 NAS 上，想着不如自己签一个。

要买啥啊，Let’s Encrypt 免费的，虽然证书只有 90 天，但是配个 acme.sh/lego 就能自动续期

反正各种问题纠结在一起，最后还是直接导入长期证书是最优解。

因为威联通只能导入证书，如果设置 Acme 的话因为官方没有 CLI 导入，只能在再装个 nginx 反代，但装那么多东西的话，内存就会吃紧（会很卡），所以还是一次性导入个长期的证书最方便。

然后威联通官方可以用 Acme，但是只能用 80 443 验证，这些端口被运营商封了，想用 DNS 验证因为没有官方的证书导入 API，就要装一堆东西反代，又回到了内存困局上。需要附带扩展密钥用法 serverAuth

好，感谢。

我给你签了一张
公钥
—–BEGIN CERTIFICATE—–
MIIG6jCCBNKgAwIBAgIRANayZRXFZA4TMWfMhLYTrkgwDQYJKoZIhvcNAQELBQAw
SzELMAkGA1UEBhMCQ04xFjAUBgNVBAoMDVlvdW5nZG8sIEluYy4xJDAiBgNVBAMM
G1lvdW5nZG8gU2VjdXJlIFNpdGUgQ0EgLSBSMjAeFw0yMjA1MDYxMDQ1NTJaFw0y
MzA2MDYxMDQ1NTJaMGUxCzAJBgNVBAYTAlVTMREwDwYDVQQIDAhEZWxhd2FyZTEq
MCgGA1UECgwhQU1BWklORyBNaXNha2EgVGVjaG5vbG9naWVzLCBJbmMuMRcwFQYD
VQQDDA4qLnFpbmdtdWh5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ+O/C6hu07sjvJFKOmCMXX9vTtRwhV2Z2darWFnJB/Kl6BH2MSQCaFNsh4T
I/+bauf2zDatc2LJQYWDl/t3zy3gb+tzU+bRrhtuvqpexpziTea7dnPTMHHW4V2d
ExjJYD9w1tISBoUIDfwssUgEArYhFn7mWxCrgGL859EdOgjiV5PRn+Fxh+1dnYle
6iyvqmEipP/5ORzzvNT5fXX2Dk/hQEbYTp2+SmO3hqJuT1oAvkeCQehwdJxL2c7p
cmjttZafoyKcvhEcPd1QxDhOuXAXgcb7AaYAi7WErp/UUVKsYSYKIfo5wW0C68iP
jWRmKq0JA3j59TIx3y/EzEjnKqcCAwEAAaOCAq0wggKpMB0GA1UdDgQWBBSqD3QU
扶墙 36u1lt74JW3Bevi6o0jAfBgNVHSMEGDAWgBR429ZwKHzCaYdSYX6gfdxitrBD
izAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIBhjB5BggrBgEFBQcBAQRtMGsw
IwYIKwYBBQUHMAGGF2h0dHA6Ly9wa2kuaWtzLm1vZS9vY3NwMEQGCCsGAQUFBzAC
hjhodHRwOi8vcGtpLmlrcy5tb2Uvc3RhdGljL2NlcnQvWW91bmdkb1NlY3VyZVNp
dGVDQVIyLmNydDCCAToGA1UdIASCATEwggEtMIIBKQYGZ4EMAQICMIIBHTA4Bggr
BgEFBQcCARYsaHR0cHM6Ly9wa2kuaWtzLm1vZS9DUFMvWW91bmdkb1RydXN0U2Vy
dmljZXMwgeAGCCsGAQUFBwICMIHTMBEWDVlvdW5nZG8sIEluYy4wABqBvVRoaXMg
ZGlnaXRhbCBjZXJ0aWZpY2F0ZSBpcyBpc3N1ZWQgYnkgWW91bmdkbyBUcnVzdCBT
ZXJ2aWNlcy4gRm9yIG1vcmUgaW5mb3JtYXRpb24sIHBsZWFzZSB2aXNpdCBodHRw
czovL3BraS5pa3MubW9lL0NQUy9Zb3VuZ2RvVHJ1c3RTZXJ2aWNlczsgZm9yIGFi
dXNlIHJlcG9ydHMsIHBsZWFzZSBlbWFpbCBhYnVzZUBpa3MubW9lLjBIBgNVHR8E
QTA/MD2gO6A5hjdodHRwOi8vcGtpLmlrcy5tb2Uvc3RhdGljL2NybC9Zb3VuZ2Rv
U2VjdXJlU2l0ZUNBUjIuY3JsMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD
AjAnBgNVHREEIDAegg4qLnFpbmdtdWh5LmNvbYIMcWluZ211aHkuY29tMA0GCSqG
SIb3DQEBCwUAA4ICAQDFgJmV2D2LF2dr8CCHmlaOHyVhqBvciCMEFnnh9AttJ64B
OkEjOowmZ4NuIN1hr//3310ZP3PvBk5r5W6e8pnLE6zbacnsBxf5ZGLK96jy67p7
bVPMwApVZcvsWhob7LhyNqSN53VorlP0iQgn7CNJofGkFvscNNlJnK2xOl5IUDgR
xUCrL4kP/JN6dHxVbHU5DzZXQNICXsrP9jADlMkTkxcUhUYcsXSB2e9zzIlcxcdO
ys+hRA5Ga0j1KYfM+kvL2cU+SgjHVA2DK3JbujqyDXctT4i6qYYmM9UeVoy4CBND
1bFoyqJjEmHegp/6dbrDiSmP02n**3rXA8GN3iC+3rt7LBslcTB+Zxh38pAKWr3
8Nrr2khG1Yq+G42wx4H2Z2xT9WGE8227bP43I8eT5WLTeU7+XS3bC0yMVujlsjyB
VNSUL3Tt8c7yr34ftfwtIYzX4Kr4tWr/SUo9j6T+syfGT06pb16tX+79fxhCkWw3
uXZDy4VV1AxN+Pluuxnbh0UBKhq+ndJ6/+yvDuosB3xQMqGYqp5g7fobz3VGQxCy
dgyP0rpMZ3LO6SKBxAvKhZp09unYra3O3geVXvKXVAr1YNvgsGEii4CUalQfkXNm
stLxLr9q2nl63QKRX8UsBzmT5hb2cznm3TexTfoV6M4aSzvdWd1c667FQc46fA==
—–END CERTIFICATE—–
—–BEGIN CERTIFICATE—–
MIIHuzCCBaOgAwIBAgIRANayZRXFZA4TMWfMhLYTrk4wDQYJKoZIhvcNAQELBQAw
azELMAkGA1UEBhMCQ04xETAPBgNVBAgMCFNoYW5naGFpMRYwFAYDVQQKDA1Zb3Vu
Z2RvLCBJbmMuMRcwFQYDVQQLDA5UcnVzdCBTZXJ2aWNlczEYMBYGA1UEAwwPWW91
bmdkbyBSb290IENBMB4XDTIxMDIxMTEwMzcxN1oXDTMxMDIwOTEwMzcxN1owSzEL
MAkGA1UEBhMCQ04xFjAUBgNVBAoMDVlvdW5nZG8sIEluYy4xJDAiBgNVBAMMG1lv
dW5nZG8gU2VjdXJlIFNpdGUgQ0EgLSBSMjCCAiIwDQYJKoZIhvcNAQEBBQADggIP
ADCCAgoCggIBANkIWsGg0ETDp8CwQA6XvqI0xfaSSsHvnUPiehxFzIGQeERUmVzo
yHVBwFl0pPpUb5DLvimG9cIEAiQditD+tvXGJbLdg/LCmkXdl2JLtGnqEhQYi30C
UoOJsP63DPPCV7YmdNRsqz8vGGw1ou5zELT9RyPjHRz+UMjZ+det4lGSMRPatEgu
KLGQcj1VWN+3uqQCWFsggkc+uyXbaAigP4kp0lewsAKFgan+R9LPh0sm4FHBcdZs
/TBsIMsLzQnArRVhgo3+ZZhkc9XQ/oZFvx/ZjCDiRyNsGr/brWqThdpvQ3l1GfI2
vKClriaLFT1bGVUoetR3XAlJrd1Mm0+9ywdGyBbzaGdTPZYxWWHqPbLCvz48k0VP
4EQ2Bii56BjEb4UPDWL/WjFUJGt24yYEWpIcGphqmgT+hlXN7Dwj5HHLFiKQyhM2
ji8TmSrc8nlNGvUH2HOLulBId1HX9d6ZztotmtgfNLu2Cq7SXkRpyVIQoBL2Z6EK
bW08cn5x4N14uZDQAeNAxTlolbFm6BnAtSIiFWk3Kgm8wYK17OMss6m5klgTRZnF
QnnQosu1KBhq/tXTe+U36Zf+LkuKZdMp7pefay3HIf84khxsEXYyRPiGwE2v/3jo
tmKdMvIZYwShzH/cYA51mYkXhnFlaZqlMKbLioihN3hRQ1oWLqenlEE/AgMBAAGj
ggJ4MIICdDAdBgNVHQ4EFgQUeNvWcCh8wmmHUmF+oH3cYrawQ4swHwYDVR0jBBgw
FoAUQ35wjNOg9dKOQ6P1MWhyvoZsTZYwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNV
HQ8BAf8EBAMCAYYwcQYIKwYBBQUHAQEEZTBjMCMGCCsGAQUFBzABhhdodHRwOi8v
cGtpLmlrcy5tb2Uvb2NzcDA8BggrBgEFBQcwAoYwaHR0cDovL3BraS5pa3MubW9l
L3N0YXRpYy9jZXJ0L1lvdW5nZG9Sb290Q0EuY3J0MIIBOAYDVR0gBIIBLzCCASsw
ggEnBgRVHSAAMIIBHTA4BggrBgEFBQcCARYsaHR0cHM6Ly9wa2kuaWtzLm1vZS9D
UFMvWW91bmdkb1RydXN0U2VydmljZXMwgeAGCCsGAQUFBwICMIHTMBEWDVlvdW5n
ZG8sIEluYy4wABqBvVRoaXMgZGlnaXRhbCBjZXJ0aWZpY2F0ZSBpcyBpc3N1ZWQg
YnkgWW91bmdkbyBUcnVzdCBTZXJ2aWNlcy4gRm9yIG1vcmUgaW5mb3JtYXRpb24s
IHBsZWFzZSB2aXNpdCBodHRwczovL3BraS5pa3MubW9lL0NQUy9Zb3VuZ2RvVHJ1
c3RTZXJ2aWNlczsgZm9yIGFidXNlIHJlcG9ydHMsIHBsZWFzZSBlbWFpbCBhYnVz
ZUBpa3MubW9lLjBABgNVHR8EOTA3MDWgM6Axhi9odHRwOi8vcGtpLmlrcy5tb2Uv
c3RhdGljL2NybC9Zb3VuZ2RvUm9vdENBLmNybDAdBgNVHSUEFjAUBggrBgEFBQcD
AQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggIBAFeYRaXPMh4Plnu7Y6h4NNSg
IEAlJia372lixbySbmh6hUpQeJITi/PNM9u1t1iBwoAJMuGYmje/Xl3lkPxZFIWC
m1EykKaFAJHZnIy8zLVi2k1Ie6QhGGokRqAEP18czcwaIXAOPb42v4k8GTL6Cm5B
vTRpY7NPaJHLDer6mjdgfSdE9/TR6J5X9UyWjrs65EDkVJL+xCggXEs6M+fpCv7W
wtGM82KBphkqDryrJE/RPc6mkNbcos8wq2rsphmIGxgKwck0D**kINLm1/g1Y0V
mPqK5GGKywKwEmpG5aLUAY4fVH4kAq1gXxNvaMwTrjSKqD5XQPXFH/DhTAS0hfVg
m016QOIpTr8se6sbm5DLGpltuA2nOS/yaFSMy0aTMX32aMoVDRhFzrfLVEpCO7Hn
DFRxa829LbQP8mr12EfcYbljpWi74I6NC3AsdDRAxlk0KEVf3QrvX6OMAGEPa2NG
Nl2vGvywO2w5aT+hvNtvpwsHGtxWnIC7iPIQ+KAkAemS1T0w+3X2U8T/Fpeu2uyJ
3rmH7Wu6lijsTB96+X7CXtkplt+j6B1jcnNUX+KVeCH6ntSwcm1TJbYz7chs6kCG
SskN3OMdUYy6zExaTMgg9Q6Y8/ztjhrG8vVHM9OKaGgbyZSJPopZBX9fjNHPvh5J
dVbSJ+q4yHNCu3hmn/Ew
—–END CERTIFICATE—– 复制代码
私钥
—–BEGIN RSA PRIVATE KEY—–
MIIEpAIBAAKCAQEAn478LqG7TuyO8kUo6YIxdf29O1HCFXZnZ1qtYWckH8qXoEfY
xJAJoU2yHhMj/5tq5/bMNq1zYslBhYOX+3fPLeBv63NT5tGuG26+ql7GnOJN5rt2
c9MwcdbhXZ0TGMlgP3DW0hIGhQgN/CyxSAQCtiEWfuZbEKuAYvzn0R06COJXk9Gf
4XGH7V2diV7qLK+qYSKk//k5HPO81Pl9dfYOT+FARthOnb5KY7eGom5PWgC+R4JB
6HB0nEvZzulyaO21lp+jIpy+ERw93VDEOE65cBeBxvsBpgCLtYSun9RRUqxhJgoh
+jnBbQLryI+NZGYqrQkDePn1MjHfL8TMSOcqpwIDAQABAoIBAGNxTPCPMdr9ihWq
TtZBoyvjaWWoDesscUOz+u0CyDvcGuX1AT94edgDQWiHC1+J8HYDlcDaF1jRD7nz
iuxZ/lCcWYSHyxnHQtisC77I9MXgMScFXMzRKZc5khmzBKzlDMxdOjWQsGmG3Jh3
DkJQ5ZO3SXrrfIQGLy0CbEQjEAFqe4T0j8vTpsjB1zwOipa4d84JKKpna2WOM8W5
Q4c/vZGTYFTb20HDDi8Zdx77hp9PAk3DJD6N82o13VURenVdPS62XpM3F2hn2//U
yjsm7IDokLfkN+by3sw83FiQ8Ki6yIv/2qDYzVTa0/mB6h67DQKS7aaHe73e8MU+
X+9qtwECgYEA0lFL3Cpuj4vQdZ00+pULaJ5E7CQxBegoeFeoopVL8rT5vfo5+mst
4EZHKZ73+osbwnU/h0wxwWkuKCHwcXaSCwoadFKkUy3mbindmrI6Uxjoesrs1wo7
rF8eyivk38U24Efm9GKIBNOvkV7Ab6Fmra4qiFjUXyVOmeVx/g1mNycCgYEAwjc7
69Ztonfyp0l4jxHYzRYzRtQfW8UwflIzaIJxJ8Mi6fHwDSaCc11whmB5v+W6yU/s
VhrknbNn2ukeIsrv0PUA/1geAbU3hq93CQIAa7tTse/L20dIgyjFpSQlo1gs5dcP
DIUzwcP89jE9CI+HBTliPKqFoQw5s/zK2QbLoIECgYEAyF6FXFLclEuKpZLJV3ZJ
sTkfxq3QOqVscQJqecKs4aUDTbgoJmiYA1RRFdkKvZpsLv4PMTIpMO+o9rkm3qIt
DvFoNKxLO6e+IfQm2Ou131canWnY7CImqdjRd6EL4xh7aH94DBoXJioa2O8hfPiS
3yLQCKhAZAkh8kKDMJvJZv8CgYEAsGZEmZdAKvHxRro3sxLNrLD+T9W4ybyXqBR3
NvRLXIcjfgNOOlOA5tG2s4aK7p31AoYCLc7tWMMrkCxuP8G9AjiV+FaLopd64G0c
m+Tihvc1NIeNzBO5q89rfOwQ94TN+tBTjdaqRNMDPoVIXy8lvrv5Gwrypm0ZN/5i
K669YoECgYBY8Z9pjWFrLtsTHIKbjhPEg+tpZXhEWacb0dbDA2UP6zUMe9cmG6Wq
LG0t5ZvYX5R2zHKiQEPg36+nrGukWKxACI9x47he6cB1gG1Q0j6rTDcjzWLwUYfv
8H85p4schCDc+y4CgzQB7R/xYUDDLgwwKsun+K6JMw9R6ZubWdbuEw==
—–END RSA PRIVATE KEY—– 复制代码
根证书
—–BEGIN CERTIFICATE—–
MIIFxDCCA6ygAwIBAgIRAPwZO7Rj1ncIbo5p7yBWa7gwDQYJKoZIhvcNAQELBQAw
azELMAkGA1UEBhMCQ04xETAPBgNVBAgMCFNoYW5naGFpMRYwFAYDVQQKDA1Zb3Vu
Z2RvLCBJbmMuMRcwFQYDVQQLDA5UcnVzdCBTZXJ2aWNlczEYMBYGA1UEAwwPWW91
bmdkbyBSb290IENBMB4XDTIwMDIxNzE1NDQ1OFoXDTQwMDIxMjE1NDQ1OFowazEL
MAkGA1UEBhMCQ04xETAPBgNVBAgMCFNoYW5naGFpMRYwFAYDVQQKDA1Zb3VuZ2Rv
LCBJbmMuMRcwFQYDVQQLDA5UcnVzdCBTZXJ2aWNlczEYMBYGA1UEAwwPWW91bmdk
byBSb290IENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAkvc+wAAg
ujW2Ce8ub4TgZeDtjkMIcz0xZ5qgNLsI5X/zVvaF3hSi+IlQQqqh0vebvy4+R/pK
5suQkz+ITWfbARwnUcxvTEmqSiWcLNCgcggUhRRcBKlVww3Rx97ALKDspejU/n1H
O6KYAVfbyMMW/wW0z++xABczL5GZGT3R3E3rIkc5YqhpMnrl6yPrcZWvvjvqYvVm
seh0DBd0CuLwOoc3TetIJqrELagGajtvzydhUHaa5+6pAwaFrYTG+fTVhnyeVMRf
hs7by3YaF61ARvAVYTECxZMhVOdrX41KYVuL4FPAflbhkK6gz2ny7vj/69JLP13F
Ib0bQV7ihrkomZOAmkQmwRKjOQdjgBwbTSBj0lhJ8hc0reEfrp+Kz/Zv+qSuQ3xD
tw6gZ9F9/FW734tCY3qw5owgBioL6cmEUdliodBm2EeMXvfne1vApZfd+UCDCG9c
Ctu46kDLvbaP+ahMYAU/MnButZfGUQxz/4XFcLoqCq0GeUhosesYnhMORWqKJTSI
3XOSWqWr/++EiCYtDJUS7sSTsROD+Xxdepd2BNNpUNyK+GlEBsSOYdj14s7stJhS
wRIfoFYr+wxxZvdZ2+vIlhzWlPbnV47ms7cwxtPhcVQveIgn7egZkWyiyXu1PUAd
64mYPXW/1MgmUb0GjYTblF2NPYLPTCb2JpkCAwEAAaNjMGEwHQYDVR0OBBYEFEN+
cIzToPXSjkOj9TFocr6GbE2WMB8GA1UdIwQYMBaAFEN+cIzToPXSjkOj9TFocr6G
bE2WMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEB
CwUAA4ICAQAoRHxiCErR6tpN7ZZfM8VriaByunWwSOvTCvZ7zgRbC7XORHpYDz1+
GBpVTc8KxK 扶墙 MtFx5sXBs6wN35P6VRLc9nYQufNJ2vcM92RCbxtV+AXYdyykrnm
CbaP/fNOdYLWcwWrA+vKRzTIRaxFHn9jEULb5afE2wUlmLhDoK+tXCeZdK1MnpqZ
T6zgglRdVVn+Mk0pgDSOZ8kgO0UzIxBpK1erGuCRDrOa5xh9iYz5X1TTeiDLharB
KiM8NqQQkdeYg3zxVM8GkbX77bWzvXaIrbPjcSkp8v5xck5+so9r8vkPVkssJx+C
O/2z/M4tteEBwNpIMUwb6iiznMM/40JX/ZRFVn0RvWT13KCPvR31U8st90TA899C
h/wwOIufYzTPEuLIhwOB4mF9qNwTAuXEiDxz0eWkSkECW5IXg2Y39UZ8uJApwMvy
ZRx4cJol+fOe+meDQ1U/kswm1wKuLLvam7q1tStpsP9A1FFRP3N+FodhZHOkFHzl
Bh60m4qep0IUPSo3h8HgsmTLIaMqIOs7ddG+OlgFXLSdeECImujX3LLNXL7pB04E
C6crNrGpSXfjqfDF4tzd9NkyobKzHHddDFAX504f2QLxfshFby5u9EIqz5Sb6Ors
nFnQSHpUWrAl0o+R1IC01utvqX8Sn7hPqo7p+vmu+yZDnb0GGFR0iA==
—–END CERTIFICATE—– 复制代码

卧槽，不胜感激。

感谢老哥，我对比了几个字段，悟了，自己也成功签出成功的了。俗套一点：好人一生平安！

nnd 和谐了一堆东西，证书公钥原文见 https://static.gmx0.cn/files/other/qingmuhy.com.cert.txt

主要就这个
extendedKeyUsage = serverAuth, clientAuth 复制代码[server_cert]
# Extensions for a typical cross CA (`man x509v3_config`).
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid,issuer
basicConstraints = critical, CA:false
keyUsage = critical, digitalSignature, cRLSign, keyCertSign
authorityInfoAccess = OCSP;URI:http://pki.iks.moe/ocsp, caIssuers;URI:http://pki.iks.moe/static/cert/YoungdoSecureSiteCAR2.crt
certificatePolicies = ia5org, @pl_section
crlDistributionPoints = URI:http://pki.iks.moe/static/crl/YoungdoSecureSiteCAR2.crl
extendedKeyUsage = serverAuth, clientAuth
[pl_section]
policyIdentifier = 2.23.140.1.2.2
CPS.1 = https://pki.iks.moe/CPS/YoungdoTrustServices 复制代码推荐这个 https://github.com/FiloSottile/mkcert

感谢老哥，是个不错的项目，相见恨晚。