如何创建没有私钥的.p12或.pfx文件? [英] How can I create a .p12 or .pfx file without a private key?
问题描述
我正在尝试创建一个不包含有效身份(公钥/私钥对)的.p12文件,以测试我的应用程序的证书导入功能. openssl
工具可以做到这一点吗?
我尝试过
openssl pkcs12 -in client-certonly.pem -export -out client-certonly.p12
但是我得到一个错误:
unable to load private key
471:error:0906D06C:PEM routines:PEM_read_bio:no start line:/SourceCache/OpenSSL098/OpenSSL098-50/src/crypto/pem/pem_lib.c:648:Expecting: ANY PRIVATE KEY
如果无法使用openssl
进行此操作,是否可以使用其他工具?
有一个非常方便的用Java编写的GUI工具,称为 portecle 可以用于创建空的PKCS#12密钥库,也可以将不带私钥的证书导入PKCS#12密钥库-此功能在导入受信任的证书(Ctrl-T)"按钮下可用. /p>
但是,如果您坚持使用OpenSSL,则可以使用以下命令:
openssl pkcs12 -export -nokeys -in certificate.cer -out pkcs12.pfx
I'm trying to create a .p12 file that does not contain a valid identity (public key / private key pair) in order to test my app's certificate import functionality. Is it possible to do this with the openssl
tool?
I've tried
openssl pkcs12 -in client-certonly.pem -export -out client-certonly.p12
but I get an error:
unable to load private key
471:error:0906D06C:PEM routines:PEM_read_bio:no start line:/SourceCache/OpenSSL098/OpenSSL098-50/src/crypto/pem/pem_lib.c:648:Expecting: ANY PRIVATE KEY
If it isn't possible to do this with openssl
, is there another tool I can use?
There is a very handy GUI tool written in java called portecle which you can use for creation of an empty PKCS#12 keystore and also for an import of the certificate without the private key into the PKCS#12 keystore - this functionality is available under "Import trusted certificate (Ctrl-T)" button.
However if you insist on using OpenSSL you can use this command:
openssl pkcs12 -export -nokeys -in certificate.cer -out pkcs12.pfx
这篇关于如何创建没有私钥的.p12或.pfx文件?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!