經常不同平台和語言使用到的SSL相關認證格式都不同,這裡記錄一些常用的轉換方法。
都是通過openssl或keytool進行轉換,不需要自己代碼實現,使用時替換掉相應的檔案名稱即可。
-------------------------------------- 我是分割線 -----------------------------------------
# crt轉pfx(p12)openssl pkcs12 -export -inkey server.key -in server.crt -out server.pfx
# csr轉pfx(p12)openssl pkcs12 -export -inkey server.key -in server.csr -out server.pfx
# pfx轉jkskeytool -importkeystore -v -srckeystore client.pfx -srcstoretype pkcs12 -destkeystore client.keystore -deststoretype jks
# jks轉p12(pfx)
keytool -importkeystore -srckeystore client_pri.keystore -destkeystore client_pri.p12 -srcstoretype JKS -deststoretype PKCS12 -srcalias imgo.tv -destalias imgo.tv -noprompt
# pfx轉x509
openssl pkcs12 -in onovps.com.pfx -nodes -out onovps.com.pem
openssl rsa -in onovps.com.pem -out onovps.com.key
openssl x509 -in onovps.com.pem -out onovps.com.crt
-------------------------------------- 我是分割線 ---------------------------------------
產生認證的話,我一般使用openssl通過如下方式產生:
openssl genrsa -des3 -out server.key 1024
openssl req -new -key server.key -out server.csr
openssl rsa -in server.key -out server.key
# 如果用不到CA的話,就自己頒發認證
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
