如何使公钥保持静态,但旋转证书
[英]How to keep public key static, but rotate the certificate
问题描述
In this article, https://www.owasp.org/index.php/Certificate_and_Public_Key_Pinning , it reads: 
在本文https://www.owasp.org/index.php/Certificate_and_Public_Key_Pinning中 ,其内容为:
"Even though Google rotates its certificates, the underlying public keys (within the certificate) remain static." “即使Google旋转其证书,底层的公共密钥(在证书内)仍保持静态。”
If I want to implement this so that I have a static public key, but can rotate the certificate, how do I go about doing this? 如果要实现此目的以使我拥有一个静态公钥,但可以旋转证书,我该如何做呢?
1 个解决方案
解决方案1
4 已采纳 2014-10-10 00:50:45
只需继续从相同的密钥对生成新的CSR。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
存储公钥以进行证书固定的安全性如何? - How safe is storing public key for certificate pinning?
如何在iOS上固定证书的公钥 - How to pin the Public key of a certificate on iOS
使用公钥证书激活产品 - Product activation with public key certificate
如何仅从csr生成证书(公钥)? - How to generate certificate (public key) from just the csr?
客户端(网络浏览器)如何使用 CA 证书上的公钥来验证服务器证书上的数字签名? - How a client(web browser) use public key on CA certificate to authenticate digital signature on server certificate?
要求SslStream仅接受由特定公钥签名的证书 - Asking SslStream to accept ONLY a certificate signed by a particular public key
PHP:从证书获取公共密钥ID。 - PHP: Get public key ID from certificate.
从ASN1加密的pem证书中获取公钥和私钥 - Get public and private key from ASN1 encrypted pem certificate
为什么签名需要证书而不是私钥/公钥对? - Why certificate is needed for signing instead of just private/public key pair?
如何在Android上隐藏公钥? - How to hide public key on android?
相关标签