[英]How to generate SSL certificate & public key for encryption?
I am working with some XYZ API provider.我正在与一些 XYZ API 提供商合作。
What they are asking is the following:他们要问的是以下内容:
I generated the self-signed SSL certificate using OpenSSL & shared with them along with the private key (I know we shouldn't).我使用 OpenSSL 生成了自签名 SSL 证书并与他们共享了私钥(我知道我们不应该这样做)。 They asked me to share a valid public key & SSL certificate.
他们让我分享一个有效的公钥和 SSL 证书。
I even generated a certificate & private key on DigiCert, but couldn't figure out how to generate a public key for SSL Certificate.我什至在 DigiCert 上生成了证书和私钥,但无法弄清楚如何为 SSL 证书生成公钥。
Can anyone kindly suggest how to generate Public key & private key for the SSL Certificate?任何人都可以建议如何为 SSL 证书生成公钥和私钥吗?
Kindly also suggest if I can use Comodo or DigiCert to generate a public key for the SSL certificate?还请建议我是否可以使用 Comodo 或 DigiCert 为 SSL 证书生成公钥?
An SSL Certificate is a public key verified and signed by a Certificate Authority . SSL 证书是由证书颁发机构验证和签名的公钥。 You generate a public/private key pair, then from that generate a Certificate Signing Request (which includes the public key), which you send to the CA .
您生成一个公钥/私钥对,然后从中生成一个证书签名请求(其中包括公钥),然后将其发送给CA。 It then signs that public key included in the CSR producing the certificate which it sends back to you.
然后它对包含在CSR 中的公钥进行签名,以生成它发送回给您的证书。 See also here .
另请参见此处。
It sounds like you already have this though, so you'd need to clarify what you're trying to achieve.听起来你已经有了这个,所以你需要澄清你想要实现的目标。 It sounds like it may be a client authentication / mutual authentication scenario?
听起来可能是客户端身份验证/相互身份验证场景? If so, it depends on what the service provider requires - certificates for client authentication may need to be signed either by a public authority that the server trusts, or by the server itself.
如果是这样,这取决于服务提供商的要求 - 客户端身份验证的证书可能需要由服务器信任的公共机构或服务器本身签名。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.