堆栈内存溢出
  简体   繁体   English

如何使用OpenSSL命令行创建ECDSA证书

[英]How do I create an ECDSA certificate with the OpenSSL command-line

 原文  2012-08-16 16:57:42       openssl/ certificate

问题描述

I'm building a server app in C++ that needs to accept a certificate containing an ECDSA public key. 我正在构建一个C ++服务器应用程序,需要接受包含ECDSA公钥的证书。 It must validate the certificate and, upon verification, use the public key contained in the certificate to authenticate a message sent along with the certificate. 它必须验证证书,并在验证时使用证书中包含的公钥来验证与证书一起发送的消息。

I have all this working using ECDSA keypairs generated on the fly - ie my code is working nicely - but now I need to do the certificate piece. 我使用ECDSA密钥对即时工作 - 即我的代码运行良好 - 但现在我需要做证书片。

And I figured I could use OpenSSL's command-line to create the certificate which is installed on the client (along with the ECDSA private key in a separate file). 我想我可以使用OpenSSL的命令行来创建安装在客户端上的证书(以及单独文件中的ECDSA私钥)。

Can anyone help? 有人可以帮忙吗?

1 个解决方案

解决方案1
 33  2012-08-17 04:09:13

If you haven't chosen a curve, you can list them with this command: 如果您没有选择曲线,可以使用以下命令列出它们: 

openssl ecparam -list_curves

I picked secp256r1 for this example. 我为这个例子选了secp256r1 Use this to generate an EC private key if you don't have one already: 如果您还没有EC私钥,请使用此私钥生成: 

openssl ecparam -out ec_key.pem -name secp256r1 -genkey

And then generate the certificate. 然后生成证书。 Your certificate will be in cert.pem . 您的证书将在cert.pem 

openssl req -new -key ec_key.pem -x509 -nodes -days 365 -out cert.pem

See also: req , ecparam 另见: reqecparam

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何以编程方式(例如,不使用“ openssl” CLI命令)在OpenSSL中创建自签名证书? - How do I create a self-signed certificate in OpenSSL programatically (i.e., not with the 'openssl' CLI command)? 是否有任何openssl命令行来验证ECDSA prime256v1证书和私钥是否匹配? - Any openssl command line to verify ECDSA prime256v1 certificate and private key match? 为什么我在Ruby和命令行OpenSSL之间获得了不同的RSA加密文件? - Why do I get different RSA encrypted files between Ruby and command-line OpenSSL? 在openssl md5命令行末尾如何忽略换行符? - How to ignore newline in the end of openssl md5 command-line? 如何在OpenSSL命令行中通过自定义证书 - How to pass custom certificate in openssl command line 如何提供OpenSSL随机数据以用于ECDSA签名? - How do I feed OpenSSL random data for use in ECDSA signing? 如何使用 Openssl:ECDSA 获得它的公钥 - How can I get it pubkey with Openssl:ECDSA 如何生成带有“标头”的 OpenSSL 证书? - How do I generate an OpenSSL certificate with a “header”? 如何从OpenSSL中的ECDSA私钥获取公钥? - How do I obtain the public key from an ECDSA private key in OpenSSL? 如何使用 openssl 创建与 X509Certificate2 兼容的 pfx - how do I create a pfx compatible with X509Certificate2 with openssl
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM