使用现有的私钥创建 CSR [英] Create CSR using existing private key

问题描述

我想要做的是，创建一个 CSR 并使用受密码保护的私钥(密钥).

在 OpenSSL 中，我可以创建一个带有密码的私钥，如下所示:

openssl genrsa -des3 -out privkey.pem 2048

有什么方法可以使用我刚刚创建的密钥并使用该密钥生成 CSR?

如果没有，有什么方法可以生成 CSR 和密码保护的私钥?

解决方案

这是 OpenSSL req 文档:

<块引用>

创建一个私钥，然后从中生成一个证书请求:

openssl genrsa -out key.pem 2048openssl req -new -key key.pem -out req.pem

请注意，如果您直接使用 req(参见第三个示例)执行此操作，如果您不使用 -nodes 选项，您的私钥也将是加密:

<块引用>

openssl req -newkey rsa:2048 -keyout key.pem -out req.pem

(尽管文档中有说明，但它与第二个示例并不完全相同，因为它不使用 -des3，但无论如何您都会这样做.)

What I am trying to do is, create a CSR and with a private key that is password protected (the key).

In OpenSSL I can create a private key with a password like so:

openssl genrsa -des3 -out privkey.pem 2048

Is there some way I can use the key I just created and generate a CSR using the key?

If not is there some way I can generate a CSR along with a PASSWORD PROTECTED private key?

解决方案

This is the second example from the documentation of OpenSSL req:

Create a private key and then generate a certificate request from it:

openssl genrsa -out key.pem 2048
openssl req -new -key key.pem -out req.pem

Note that, if you do this directly with req (see 3rd example), if you don't use the -nodes option, your private key will also be encrypted:

openssl req -newkey rsa:2048 -keyout key.pem -out req.pem

(Despite what the documentation says, it's not exactly the same as the second example, since it doesn't use -des3, but you would have done so anyway.)

这篇关于使用现有的私钥创建 CSR的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！