堆栈内存溢出
  简体   繁体   English

将.crt文件转换为.cer和.key

[英]Convert .crt file to .cer and .key

 原文  2014-08-14 23:10:38       ssl/ key/ crt/ cer

问题描述

I was asked to help converting a certificate for a renewal. 我被要求帮助转换证书以进行续订。 I was given the domainname.crt file along with some intermediate .crt files, but no .key file. 我得到了domainname.crt文件以及一些中间.crt文件,但没有.key文件。 They want me to convert the CRT to both a .CER and a .KEY file. 他们希望我将CRT转换为.CER和.KEY文件。

I have looked at the following (among many other sites) but they either say I need the .key file, which I don't have, or that I have to install it locally and then export it, but when using MMC and trying to export it the .PFX option is grayed out. 我看过以下(在许多其他网站中),但他们要么说我需要.key文件,我没有,或者我必须在本地安装然后导出它,但是当使用MMC并尝试导出它.PFX选项显示为灰色。

http://community.spiceworks.com/topic/367133-i-cant-convert-a-ssl-crt-to-pfx-i-need-help-with-this http://community.spiceworks.com/topic/367133-i-cant-convert-a-ssl-crt-to-pfx-i-need-help-with-this

I also tried the OpenSSL command PKCS12 -EXPORT... to convert it to a .P12 and I get an error for "unable to load private key". 我还尝试了OpenSSL命令PKCS12 -EXPORT ...将其转换为.P12,我收到“无法加载私钥”的错误。 If I open it and choose "Copy To File..." I can obtain a .CER file but nothing more. 如果我打开它并选择“复制到文件...”我可以获得.CER文件,但仅此而已。

Thank you for your help. 谢谢您的帮助。

1 个解决方案

解决方案1
 8 已采纳  2014-08-14 23:20:32

Is the private key in the certificate file? 证书文件中的私钥是? In other words, in there a section that starts with 换句话说,在那里以一个开头的部分 

-----BEGIN RSA PRIVATE KEY-----

in the file? 在文件中?

If not, then the private key is stored in a separate file. 如果不是,则私钥存储在单独的文件中。

In any case, to renew a certificate, you don't need a certificate, but a certificate signing request (CSR), which you will send to the CA, and you will receive the certificate in return (alternatively, in some cases the CA may generate a new certificate using the previous stored CSR). 在任何情况下,要续订证书,您不需要证书,而是需要发送给CA的证书签名请求(CSR),您将收到证书作为回报(或者,在某些情况下,CA)可以使用先前存储的CSR生成新证书。

You can generate a new key with: 您可以使用以下命令生成新密钥: 

openssl genrsa -out <private key file name> 2048

then generate the CSR with: 然后生成CSR: 

openssl req -new -key <private key file name> -out <csr file name>

You keep the key, send the CSR to the CA. 保留密钥,将CSR发送给CA. On return, you get the certificate, which together with the intermediate certificates and the private key, should be provided to the software used. 返回时,您将获得证书,该证书与中间证书和私钥一起应提供给所使用的软件。 In some cases they need to be in separate files, in others you can just lump them up together in a single file. 在某些情况下,它们需要位于单独的文件中,而在其他情况下,您可以将它们放在一个文件中。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 从.cer 文件中获取.crt &amp;.key 文件 - Get .crt & .key files from .cer file 将 public key.cer 文件转换为原始文本 - Convert public key .cer file into raw text 如何获取 .cer 或 .crt 格式的公钥 - How to get public key in .cer or .crt formats 将 .pem 转换为 .crt 和 .key - Convert .pem to .crt and .key 在Java中创建密钥库文件(.jks)和自签名证书(.cer / .crt) - Create a keystore file (.jks) and a self signed certificate (.cer/.crt) in Java 将.cer文件转换为.pfx文件 - Convert a .cer file to .pfx file 对于 Apache SSL 证书,我是否需要将 .CER 转换为 .CRT? 如果是这样,如何? - Do I need to convert .CER to .CRT for Apache SSL certificates? If so, how? 如何从 .cer 和 .key 获取 .pfx 文件? - How to get .pfx file from .cer and .key? 这些openssl文件之间的关系是什么:example.cer example.key example.pem example.crt? - What is the relationship between these openssl files: example.cer example.key example.pem example.crt? 从 .crt 和 .key 文件创建 .jks 是可能的吗 - Creating a .jks from a .crt and .key file, is that possible
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM