使用OpenSSL创建.pfx文件 [英] using OpenSSL to create .pfx file
问题描述
已向我提供了一些使用OpenSSL创建.pfx文件的命令.在大多数情况下,我的伙伴从以下位置收集了此信息:
I've been offered some commands to create a .pfx file using OpenSSL. For the most part, my partner gathered this information from: Is it possible to convert an SSL certificate from a .key file to a .pfx?
我有以下文件:
- 2010certificate.cer
- 2010cert_and_key.pem
- private_verisign10to11.key
我尝试同时生成:
openssl pkcs12 -export -out s2010-1.pfx -inkey private_verisign10to11.key -in 2010cert_and_key.pem -certfile 2010certificate.cer
and
openssl pkcs12 -export -out s2010-1.pfx -inkey private_verisign10to11.key -in 2010certificate.cer -certfile 2010cert_and_key.pem
在这种情况下不会引发任何错误,但是当我尝试查看或导入生成的文件s2010-1.pfx时,Protecle说无法打开它. Keytool说:
No errors are thrown in this situation, but when I try to view or import the generated file s2010-1.pfx, Protecle says it can't open it. Keytool says:
keytool -import -file s2010-1.pfx x -keystore cacerts -alias fqdn -storepass <.pfx's pass word>
keytool error: java.lang.Exception: Input not an X.509 certificate
我假设问题出在.pfx代,但是直到keytool命令我才真正知道如何测试它.从这里提出的任何建议都是很棒的.
I am assuming the problem is with the .pfx generation, but I don't really know how to test it until the keytool command. Any suggestions on what to do from here would be great.
推荐答案
尝试使用 TinyCA 即可打开您的3个文件,因为它们可以是其扩展名所表示的其他文件,尤其是.pem文件.然后使用TinyCA导出密钥;有一个消息窗口同时显示openssl命令和该命令的输出.
Try using TinyCA to open each of your 3 files, because they can be something else that what their extension says, specially the .pem ones. Then use TinyCA to export the keys ; There is a message window displaying both the openssl command and the output of said command.
这篇关于使用OpenSSL创建.pfx文件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
