堆栈内存溢出
  简体   繁体   English

如何获取 .cer 或 .crt 格式的公钥

[英]How to get public key in .cer or .crt formats

 原文  2018-05-09 16:34:17       ssl/ openssl/ ssl-certificate

问题描述

I have created self-signed SSL certificate using OpenSSL as follow:我使用 OpenSSL 创建了自签名 SSL 证书,如下所示:

openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365

This gave me certificate and private key in .pem file.这给了我.pem文件中的证书和私钥。 I need to provide my public key to my clients in .cer or .crt format.我需要以.cer.crt格式向我的客户提供我的公钥。 Is there any way to get public key in .cer / .crt formats?有没有办法获得.cer / .crt格式的公钥?

What I have already tried:我已经尝试过的:

1. Generating public key in .pem format and trying to convert it to .cer or .crt [ Didn't work ] 1. 生成.pem格式的公钥并尝试将其转换为.cer.crt [无效]

To extract public key in .pem file [worked fine]:.pem文件中提取公钥[工作正常]:

`openssl x509 -pubkey -noout -in signer-cert.pem  > signer-public-key-test.pem`

To convert it from .pem for .cer format openssl x509 -inform PEM -in signer-public-key-test.pem -outform DER -out signer-public-key-test.cer I get this error:要将其从.pem转换为.cer格式openssl x509 -inform PEM -in signer-public-key-test.pem -outform DER -out signer-public-key-test.cer我收到此错误:

unable to load certificate
140067363030680:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:701:Expecting: TRUSTED CERTIFICATE

2. Converting my certificate to .cer (which I did fine) and trying to export public key using windows certificate export wizard as instructions given here 2. 将我的证书转换为 .cer(我做得很好)并尝试使用 Windows 证书导出向导导出公钥,如此处给出的说明

It didn't work either.它也没有用。 I couldn't enable the option to export keys and the final output, when opened in notepad++ was garbage.当在记事本++中打开时,我无法启用导出密钥和最终输出的选项是垃圾。

So my question is, is there any way to generate the certificate from scratch and have the public key in .cer or .crt file.所以我的问题是,有没有办法从头开始生成证书并在.cer.crt文件中拥有公钥。 OR generating the certificate in .pem format and later extracting public keys to .crt or .cer或以.pem格式生成证书,然后将公钥提取到.crt.cer

Any help is deeply appreciated.任何帮助都深表感谢。

1 个解决方案

解决方案1
 0  2018-05-09 16:59:44

Since .cer and .crt usually mean "DER or PEM-DER X.509 certificate" I don't know what you mean by having the public key in that format.由于.cer.crt通常表示“DER 或 PEM-DER X.509 证书”,因此我不知道您所说的具有该格式的公钥是什么意思。

If you mean you want a DER encoded SubjectPublicKeyInfo representing the public key, the second stage of your pipeline would be如果您的意思是您想要一个代表公钥的 DER 编码的 SubjectPublicKeyInfo,那么管道的第二阶段将是

openssl asn1parse -noout -out some.file

You can remove the intermediate with您可以使用删除中间体

openssl x509 -in signer-cert.pem -noout -pubkey | 
    openssl asn1parse -noout -out signer-public-key-test.der

(Newline added to remove scrollbar) (添加换行符以删除滚动条)

Or, skip the certificate middleman altogether:或者,完全跳过证书中间人:

openssl rsa -in key.pem -pubout -outform der -out signer-public-key-test.der

Seems pretty weird that you want that particular format, though.不过,您想要那种特定的格式似乎很奇怪。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 从.cer 文件中获取.crt &.key 文件 - Get .crt & .key files from .cer file 将.crt文件转换为.cer和.key - Convert .crt file to .cer and .key 如何从.cer中获取.crt和.pem证书文件 - How to get .crt and .pem certificate files from .cer 如何从 .cer 和 .key 获取 .pfx 文件? - How to get .pfx file from .cer and .key? 将 public key.cer 文件转换为原始文本 - Convert public key .cer file into raw text 如何将私钥证书(.pfx),公钥证书(.cer)上传到Azure WebApp - How to upload Private Key Certificates (.pfx), Public Key Certificates (.cer) to Azure WebApp 如何使用 OpenSSL 通过 .crt 和 .key 文件制作公钥和私钥? - How do I use OpenSSL to make a public and private key using a .crt and .key file? 如何从.key 和.crt 文件中获取.pem 文件? - How to get .pem file from .key and .crt files? 如何使用 Rest 确保使用.crt 证书和 public.key 令牌发送 HTTPS 请求 - How to send HTTPS request with Rest Assured using .crt certificate and public .key token 对于 Apache SSL 证书,我是否需要将 .CER 转换为 .CRT? 如果是这样,如何? - Do I need to convert .CER to .CRT for Apache SSL certificates? If so, how?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM