如何将各种证书合并为单个 .pem 文件

Question 1

以下是直接摘自 RFC 的一段引文：

  certificate_list
    This is a sequence (chain) of X.509v3 certificates.  The sender's
    certificate must come first in the list.  Each following
    certificate must directly certify the one preceding it.  Because
    certificate validation requires that root keys be distributed
    independently, the self-signed certificate that specifies the root
    certificate authority may optionally be omitted from the chain,
    under the assumption that the remote end must already possess it
    in order to validate it in any case.

根据此信息，服务器证书应排在第一位，然后是任何中间证书，最后是根受信任颁发机构证书（如果是自签名的）。我找不到有关私钥的任何信息，但我认为这不重要，因为 pem 中的私钥很容易识别，因为它以下面的文本开头和结尾，其中包含关键字PRIVATE。

 -----BEGIN RSA PRIVATE KEY-----
 -----END RSA PRIVATE KEY-----

Answer

根据RFC 4346。

以下是直接摘自 RFC 的一段引文：

  certificate_list
    This is a sequence (chain) of X.509v3 certificates.  The sender's
    certificate must come first in the list.  Each following
    certificate must directly certify the one preceding it.  Because
    certificate validation requires that root keys be distributed
    independently, the self-signed certificate that specifies the root
    certificate authority may optionally be omitted from the chain,
    under the assumption that the remote end must already possess it
    in order to validate it in any case.

根据此信息，服务器证书应排在第一位，然后是任何中间证书，最后是根受信任颁发机构证书（如果是自签名的）。我找不到有关私钥的任何信息，但我认为这不重要，因为 pem 中的私钥很容易识别，因为它以下面的文本开头和结尾，其中包含关键字PRIVATE。

 -----BEGIN RSA PRIVATE KEY-----
 -----END RSA PRIVATE KEY-----

Question 2

以下是使用以下命令进行组合cat

cat first_cert.pem second_cert.pem > combined_cert.pem

Answer

以下是使用以下命令进行组合cat

cat first_cert.pem second_cert.pem > combined_cert.pem

如何将各种证书合并为单个 .pem 文件

答案1

答案2

相关内容