在 Windows 上使用 open ssl 创建自签名证书 [英] creating self-signed certificates with open ssl on windows
问题描述
我正在遵循这些指南使用 OpenSSL 生成自签名证书.
I am following these guidelines to generate self-signed certificates with OpenSSL.
我在Windows 10下,我的工作目录如下:
I am under Windows 10. My working directory is as follows:
PS E:\Certificats\predix\root\ca> ls
Directory: E:\Certificats\predix\root\ca
Mode LastWriteTime Length Name
---- ------------- ------ ----
d----- 9/1/2016 11:57 AM certs
d----- 9/1/2016 11:55 AM crl
d----- 9/1/2016 12:00 PM intermediate
d----- 9/1/2016 11:55 AM newcerts
d----- 9/1/2016 11:56 AM private
-a---- 9/1/2016 11:55 AM 2 index.txt
-a---- 9/1/2016 11:56 AM 4306 openssl.cnf
-a---- 9/1/2016 11:55 AM 14 serial
在指南中的几个步骤之后,当我输入
After several steps in the guideline, when I type
openssl ca -config openssl.cnf -extensions v3_intermediate_ca -days 3650 -notext -md s
我收到以下错误
Using configuration from openssl.cnf
Enter pass phrase for ./private/ca.key.pem:
unable to load number from ./serial
error while loading serial number
12944:error:0D066096:asn1 encoding routines:a2i_ASN1_INTEGER:short line:.\crypto\asn1\f_int.c:212:
PS E:\Certificats\predix\root\ca> openssl ca -config openssl.cnf -extensions v3_intermediate_ca -days 3650 -notext -md sha256 -in intermediate/csr/intermediate.csr.pem -out intermediate/certs/intermediate.cert.pem
Using configuration from openssl.cnf
告诉我读取串行文件有问题.
telling me that it has some issue reading the serial file.
serial 的内容是
The content of serial is
1000
有没有人解决这个问题?该文件存在且其在 conf 文件中的路径名正确...
Does anyone have a fix for this ? The file exists and its pathname in the conf file is the correct...
推荐答案
自己解决了这个问题:我使用
Solved the issue myself: I created the serial file using
echo 00 > serial
它生成了一个 Unicode 文件,而 openssl 需要一个 ANSI 文件.
which produced a Unicode file while openssl was expecting an ANSI file.
这篇关于在 Windows 上使用 open ssl 创建自签名证书的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
