Stats
Actions
Tags
Builds two-tier PKI CA hierarchy (root + intermediate) using OpenSSL and Python cryptography library, with CRL, OCSP, and certificate policies. For secure certificate management.
How this skill is triggered — by the user, by Claude, or both
Slash command
/cybersecurity-skills-zh:configuring-certificate-authority-with-opensslThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
证书颁发机构(CA)是公钥基础设施(PKI)层次结构中的信任锚,负责颁发、签署和吊销数字证书。本技能涵盖使用 OpenSSL 和 Python cryptography 库构建两层 CA 层次结构(根 CA + 中间 CA),包括证书吊销列表(CRL)分发、OCSP 响应服务器配置和证书策略管理。
证书颁发机构(CA)是公钥基础设施(PKI)层次结构中的信任锚,负责颁发、签署和吊销数字证书。本技能涵盖使用 OpenSSL 和 Python cryptography 库构建两层 CA 层次结构(根 CA + 中间 CA),包括证书吊销列表(CRL)分发、OCSP 响应服务器配置和证书策略管理。
根 CA(离线,气隙隔离)
|
+-- 中间 CA(在线,运营中)
|
+-- 服务器证书
+-- 客户端证书
+-- 代码签名证书
| 扩展 | 用途 | 关键性 |
|---|---|---|
| basicConstraints | CA:TRUE/FALSE,路径长度约束 | 是 |
| keyUsage | keyCertSign、cRLSign、digitalSignature | 是 |
| extendedKeyUsage | serverAuth、clientAuth、codeSigning | 否 |
| subjectKeyIdentifier | 公钥哈希 | 否 |
| authorityKeyIdentifier | 颁发者密钥标识符 | 否 |
| crlDistributionPoints | CRL 的 URL | 否 |
| authorityInfoAccess | OCSP 响应服务器 URL | 否 |
npx claudepluginhub killvxk/cybersecurity-skills-zhBuilds two-tier PKI hierarchy (Root CA + Intermediate CA) using OpenSSL and Python cryptography library; configures CRLs, OCSP responders, certificate issuance, policies. For secure PKI setups.
Builds a two-tier PKI hierarchy (Root CA + Intermediate CA) with OpenSSL and Python, including CRL distribution, OCSP responder configuration, and certificate policy management.
Builds a two-tier Certificate Authority hierarchy (Root + Intermediate) using OpenSSL and Python cryptography. Includes CRL distribution, OCSP responder config, and certificate policy management.