When I was just working on the UnionPay project, the other party gave two test files: 1. pfx and 1. Cer. Summarize the two files to extract the text.
UnionPay provides two test certificates: 1.pfx and 1.cer.
The pfx certificate contains the RSA public key and key. the CER certificate is used to extract the key from the pfx certificate and allow the current computer to perform legal operations.
The extraction steps are as follows:
1. Click 1.certo install the CER certificate.
2. extract key information from pfx and convert it to the key format (pfx uses PKCS12 mode to supplement)
(1) extract key pairs
OpenSSL PKCS12-In 1.pfx-nocerts-nodes-out 1.key
// If the pfx certificate is encrypted, the system prompts you to enter the password. If the CER certificate is not installed, the password cannot be verified.
(2) extract the private key from the key pair
OpenSSL RSA-In 1.key-out primary pri.key
(3) extract the public key from the key pair
OpenSSL RSA-In 1.key-pubout-out cipher pub.key
(4) because the RSA algorithm uses the pkcs8 mode, further processing of the extracted private key is required.
OpenSSL pkcs8-topk8-inform PEM-in primary pri.key-outform PEM-nocrypt
Copy the key generated in the window and save it as your pri_pkcs8.key
(5) obtain the primary pri_pkcs8.key and primary pub.key of the key pair.
OpenSSL extracts pfx certificate key pairs