openssl生成证书


服务端:
openssl genrsa -des3 -out server.key 1024
openssl rsa -in server.key -out server.key
openssl req -new -key server.key -out server.csr
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

客户端:
openssl genrsa -des3 -out client.key 1024
openssl req -new -key client.key -out client.csr
openssl x509 -req -days 365 -in client.csr -signkey client.key -out client.crt
openssl pkcs12 -export -in client.crt -inkey client.key -out  client.pfx
openssl pkcs12 -export -clcerts -in client.crt -inkey client.key -out client.p12


openssl pkcs12 -in client.p12 -out client.pem -nokeys       #客户端个人证书的公钥 
openssl pkcs12 -in client.p12 -out key.pem -nocerts -nodes     #客户端个人证书的私钥 
也可以转换为公钥与私钥合二为一的文件; 
openssl pkcs12 -in client.p12 -out clientkey.pem -nodes            #客户端公钥与私钥,一起存在all.pem中 


openssl dhparam -out dh4096.pem 4096

posted @ 2016-03-19 20:09  冰封ズDe薆  阅读(199)  评论(0编辑  收藏  举报