如何从 PEM 证书创建 x.509 证书？

Question

PEM 只是一种以 base64 形式对二进制数据进行编码的机制。大多数 x.509 证书都是 PEM 编码的；它们看起来像这样：

您可以使用 openssl 检查此类证书，如下所示：

$ openssl x509 -in filename -noout -text

对于上述证书，这将打印：

Certificate:
Data:
    Version: 3 (0x2)
    Serial Number:
        b7:94:5e:85:b2:19:80:58
    Signature Algorithm: sha1WithRSAEncryption
    Issuer: CN=hx509 Test Root CA, C=SE
    Validity
        Not Before: Nov 15 06:58:56 2007 GMT
        Not After : Nov 12 06:58:56 2017 GMT
    Subject: CN=hx509 Test Root CA, C=SE
    Subject Public Key Info:
        Public Key Algorithm: rsaEncryption
        RSA Public Key: (1024 bit)
            Modulus (1024 bit):
                00:c7:72:f2:5b:c8:95:cf:84:cf:47:1e:ad:61:53:
                a7:76:0a:ed:5f:5b:da:35:0a:f3:9b:8a:b9:f5:48:
                d6:60:fa:94:e7:42:03:bd:2e:fe:15:8d:04:1f:96:
                d3:4a:d1:aa:2f:c8:b2:5a:51:d6:c0:6e:c4:42:7c:
                7f:bb:f5:86:36:b5:4e:fa:c7:c6:97:a5:4a:e2:d0:
                37:d4:bf:93:c6:b1:c2:19:cd:6e:d6:50:b6:9a:5f:
                10:60:1e:8d:68:c3:39:a1:73:54:23:17:d2:43:12:
                ea:c9:5c:61:44:65:a0:ec:3d:c1:30:63:8d:11:8e:
                b2:83:2f:c4:97:cc:4a:04:c3
            Exponent: 65537 (0x10001)

...还有一堆其他的东西。这就是你可以 (a) 验证你的文件是否包含证书，以及 (b) 查看证书详细信息的方法。

Answer 1

PEM 只是一种以 base64 形式对二进制数据进行编码的机制。大多数 x.509 证书都是 PEM 编码的；它们看起来像这样：

您可以使用 openssl 检查此类证书，如下所示：

$ openssl x509 -in filename -noout -text

对于上述证书，这将打印：

Certificate:
Data:
    Version: 3 (0x2)
    Serial Number:
        b7:94:5e:85:b2:19:80:58
    Signature Algorithm: sha1WithRSAEncryption
    Issuer: CN=hx509 Test Root CA, C=SE
    Validity
        Not Before: Nov 15 06:58:56 2007 GMT
        Not After : Nov 12 06:58:56 2017 GMT
    Subject: CN=hx509 Test Root CA, C=SE
    Subject Public Key Info:
        Public Key Algorithm: rsaEncryption
        RSA Public Key: (1024 bit)
            Modulus (1024 bit):
                00:c7:72:f2:5b:c8:95:cf:84:cf:47:1e:ad:61:53:
                a7:76:0a:ed:5f:5b:da:35:0a:f3:9b:8a:b9:f5:48:
                d6:60:fa:94:e7:42:03:bd:2e:fe:15:8d:04:1f:96:
                d3:4a:d1:aa:2f:c8:b2:5a:51:d6:c0:6e:c4:42:7c:
                7f:bb:f5:86:36:b5:4e:fa:c7:c6:97:a5:4a:e2:d0:
                37:d4:bf:93:c6:b1:c2:19:cd:6e:d6:50:b6:9a:5f:
                10:60:1e:8d:68:c3:39:a1:73:54:23:17:d2:43:12:
                ea:c9:5c:61:44:65:a0:ec:3d:c1:30:63:8d:11:8e:
                b2:83:2f:c4:97:cc:4a:04:c3
            Exponent: 65537 (0x10001)

...还有一堆其他的东西。这就是你可以 (a) 验证你的文件是否包含证书，以及 (b) 查看证书详细信息的方法。

如何从 PEM 证书创建 x.509 证书？

答案1

相关内容