堆栈内存溢出
  简体   繁体   English

如何生成用于加密的 SSL 证书和公钥?

[英]How to generate SSL certificate & public key for encryption?

 原文  2019-03-20 13:05:40       ssl/ ssl-certificate/ public-key-encryption/ private-key/ public-key

问题描述

I am working with some XYZ API provider.我正在与一些 XYZ API 提供商合作。

What they are asking is the following:他们要问的是以下内容:

  • Certificate with 4096 bits public key for encryption (.pem or .cer format)带有用于加密的 4096 位公钥的证书(.pem 或 .cer 格式)
  • SSL certificate for sending callback response on call back URL.用于在回调 URL 上发送回调响应的 SSL 证书。

I generated the self-signed SSL certificate using OpenSSL & shared with them along with the private key (I know we shouldn't).我使用 OpenSSL 生成了自签名 SSL 证书并与他们共享了私钥(我知道我们不应该这样做)。 They asked me to share a valid public key & SSL certificate.他们让我分享一个有效的公钥和 SSL 证书。

I even generated a certificate & private key on DigiCert, but couldn't figure out how to generate a public key for SSL Certificate.我什至在 DigiCert 上生成了证书和私钥,但无法弄清楚如何为 SSL 证书生成公钥。

Can anyone kindly suggest how to generate Public key & private key for the SSL Certificate?任何人都可以建议如何为 SSL 证书生成公钥和私钥吗?

Kindly also suggest if I can use Comodo or DigiCert to generate a public key for the SSL certificate?还请建议我是否可以使用 Comodo 或 DigiCert 为 SSL 证书生成公钥?

1 个解决方案

解决方案1
 3 已采纳  2019-03-21 21:52:34

An SSL Certificate is a public key verified and signed by a Certificate Authority . SSL 证书证书颁发机构验证和签名的公钥。 You generate a public/private key pair, then from that generate a Certificate Signing Request (which includes the public key), which you send to the CA .您生成一个公钥/私钥对,然后从中生成一个证书签名请求(其中包括公钥),然后将其发送给CA。 It then signs that public key included in the CSR producing the certificate which it sends back to you.然后它对包含在CSR 中的公钥进行签名,以生成它发送回给您的证书 See also here .另请参见此处

It sounds like you already have this though, so you'd need to clarify what you're trying to achieve.听起来你已经有了这个,所以你需要澄清你想要实现的目标。 It sounds like it may be a client authentication / mutual authentication scenario?听起来可能是客户端身份验证/相互身份验证场景? If so, it depends on what the service provider requires - certificates for client authentication may need to be signed either by a public authority that the server trusts, or by the server itself.如果是这样,这取决于服务提供商的要求 - 客户端身份验证的证书可能需要由服务器信任的公共机构或服务器本身签名。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何生成用于公钥固定(SSL固定)的iOS证书 - How to generate iOS certificate for public key pinning(SSL pinning) 如何将 SSL 证书的公钥固定在 flutter 中? - How to pin public key of SSL certificate in flutter? 如何使用私钥生成 SSL 证书? - How to generate SSL certificate with private key? 如何从根证书生成公共证书,私钥? - How to generate public certificate, private key from root certificate? 如何识别我的SSL公钥证书? - how can I identify my SSL public key certificate? JAVA:如何使用公共证书和私钥建立 SSL 连接 - JAVA : How to make SSL connection with public certificate and private key 使用SSL证书进行加密与生成的密钥 - Using SSL certificate for Encryption vs a generated key SSL证书:公钥还是私钥? - SSL certificate : public key or private key? 如何仅从csr生成证书(公钥)? - How to generate certificate (public key) from just the csr? 如何使用ruby检查SSL证书加密 - How to check SSL certificate encryption with ruby
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM