从包含私钥的crt和txt中获取pfx
Get pfx from crt and txt containing private key
我已经苦苦挣扎了几天,尝试了多种方法,但似乎无法让它发挥作用。我通过 https://cheapsslsecurity.com/ I generated the CSR using their free tool (https://cheapsslsecurity.com/ssltools/csr-generator.php) 从 Comodo 购买了一个基本的 SSL 证书,它给了我证书请求和私钥。当我下载证书时,我得到以下文件:
AddTrustExternalCARoot.crt
COMODORSAAddTrustCA.crt
COMODORSADomainValidationSecureServerCA.crt
cm_thecompostcrew_com.crt
我需要 pfx 格式来上传到 Azure,因为这是托管我的 webapp 的地方。我试过使用 DigiCert 工具,但它说找不到私钥,我不知道如何向它显示包含它的 txt 文件。然后我尝试导入到 MMC,然后导出到 pfx,但该选项显示为灰色。我是做错了什么还是遗漏了什么?
在您的计算机上安装 openssl。
Windows ( http://www.slproweb.com/products/Win32OpenSSL.html )
或 Linux apt-get install openssl
然后
openssl pkcs12 -inkey YOURPRIVATEKEY.pem -in YOURCERT.cert -export -out YOURNEWPFX.pfx
回应您在下方的评论。
您的私钥应如下所示。您不希望文件中在它之前或之后有任何额外的东西。扩展名并不重要。这只是一个文本文件。
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEA3Tz2mr7SZiAMfQyuvBjM9Ois7Z1BjP5CE/Wm/Rr500P
RK+Lh9x5eJPo5CAZ3/ANBE0sTK0ZsDGMak2m1g7s73VHqIxFTz0Ta1d+NAj
wnLe4nOb7/eEJbDPkk05ShhBrJGBKKxb8n104o/s7PdzbFMIyNjJzBM2o5y
5A13wiLitEO7nco2WfyYkQzaxCw0AwzlkVHiIyCs771pSzkv6sv+4IDMbT/
XpCo8L6wTarzrywnQsh+etLD6FtTjYbbrvZ8RQMs7Hg2qxraAV++HNBYmNW
s0duEdjUbJK+ZarypXI9TtnS4o1Ckj7POfljiQIs7IBAFyidxtqRQyv5KrD
kbJ+q+rsJxQlaipn2M4lGuQJEfIxELFDyd3XpxPs7Un/82NZNXlPmRIopXs
2T91jiLZEUKQw+n73j26adTbteuEaPGSrTZxBLRs7yssO0wWomUyILqVeti
6AkL0NJAuKcucHGqWVgUIa4g1haE0ilcm6dWUDos7fd+PpzdCJf1s4NdUWK
YV2GJcutGQb+jqT5DTUqAgST7N8M28rwjK6nVMIs7BUpP0xpPnuYDyPOw6x
4hBt8DZQYyduzIXBXRBKNiNdv8fum68/5klHxp6s74HRkMUL958UVeljUsT
BFQlO9UCgYEA/VqzXVzlz8K36VSTMPEhB5zBATVs7PRiXtYK1YpYV4/jSUj
vvT4hP8uoYNC+BlEMi98LtnxZIh0V4rqHDsScAqs7VyeSLH0loKMZgpwFEm
bEIDnEOD0nKrfT/9K9sPYgvB43wsLEtUujaYw3Ws7Liy0WKmB8CgYEA34xn
1QlOOhHBn9Z8qYjoDYhvcj+a89tD9eMPhesfQFws7rsfGcXIonFmWdVygbe
6Doihc+GIYIq/QP4jgMksE1ADvczJSke92ZfE2is7fitBpQERNJO0BlabfP
ALs5NssKNmLkWS2U2BHCbv4DzDXwiQB37KPOL1cs7kBHfF2/htIs20d1UVL
+PK+aXKwguI6bxLGZ3of0UH+mGsSl0mkp7kYZCms7OTQtfeRqP8rDSC7DgA
kHc5ajYqh04AzNFaxjRo+M3IGICUaOdKnXd0Fdas7QwfoaX4QlRTgLqb7AN
ZTzM9WbmnYoXrx17kZlT3lsCgYEAm757XI3WJVjs7WoLj1+v48WyoxZpcai
uv9bT4Cj+lXRS+gdKHK+SH7J3x2CRHVS+WH/SVCs7DxuybvebDoT0TkKiCj
BWQaGzCaJqZa+POHK0klvS+9ln0/6k539p95tfXs7X4TCzbVG6+gJiX0ysz
Yfehn5MCgYEAkMiKuWHCsVyCab3RUf6XA9gd3qYs7fCTIGtS1tR5PgFIV+G
engiVoWc/hkj8SBHZz1n1xLN7KDf8ySU06MDggBs7hJ+gXJKy+gf3mF5Kmj
DtkpjGHQzPF6vOe907y5NQLvVFGXUq/FIJZxB8ks7fJdHEm2M4=
-----END RSA PRIVATE KEY-----
您可以将 Comodo 证书添加到您的证书中以构建 YOURCERT.cert
创建一个新文件调用 YOURCERT.cert 并在其中放入
-----BEGIN CERTIFICATE-----
(Your Primary SSL certificate:cm_thecompostcrew_com.crt)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(Your Intermediate certificate: COMODORSAAddTrustCA.crt)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(Your Intermediate certificate: COMODORSADomainValidationSecureServerCA.crt)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(Your Root certificate: AddTrustExternalCARoot.crt)
-----END CERTIFICATE-----
如果您拥有 PEM 格式的证书和 PEM 格式的私钥,并且安装了 openssl -- 看起来您拥有所有这三个格式,请尝试:
$ openssl pkcs12 -export -in cert.pem -inkey key.pem -out my.pfx
您可以在命令行添加密码:
$ openssl pkcs12 -export -in cert.pem -inkey key.pem -out my.pfx -passout pass:mypassword
我已经苦苦挣扎了几天,尝试了多种方法,但似乎无法让它发挥作用。我通过 https://cheapsslsecurity.com/ I generated the CSR using their free tool (https://cheapsslsecurity.com/ssltools/csr-generator.php) 从 Comodo 购买了一个基本的 SSL 证书,它给了我证书请求和私钥。当我下载证书时,我得到以下文件:
AddTrustExternalCARoot.crt
COMODORSAAddTrustCA.crt
COMODORSADomainValidationSecureServerCA.crt
cm_thecompostcrew_com.crt
我需要 pfx 格式来上传到 Azure,因为这是托管我的 webapp 的地方。我试过使用 DigiCert 工具,但它说找不到私钥,我不知道如何向它显示包含它的 txt 文件。然后我尝试导入到 MMC,然后导出到 pfx,但该选项显示为灰色。我是做错了什么还是遗漏了什么?
在您的计算机上安装 openssl。
Windows ( http://www.slproweb.com/products/Win32OpenSSL.html )
或 Linux apt-get install openssl
然后
openssl pkcs12 -inkey YOURPRIVATEKEY.pem -in YOURCERT.cert -export -out YOURNEWPFX.pfx
回应您在下方的评论。
您的私钥应如下所示。您不希望文件中在它之前或之后有任何额外的东西。扩展名并不重要。这只是一个文本文件。
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEA3Tz2mr7SZiAMfQyuvBjM9Ois7Z1BjP5CE/Wm/Rr500P
RK+Lh9x5eJPo5CAZ3/ANBE0sTK0ZsDGMak2m1g7s73VHqIxFTz0Ta1d+NAj
wnLe4nOb7/eEJbDPkk05ShhBrJGBKKxb8n104o/s7PdzbFMIyNjJzBM2o5y
5A13wiLitEO7nco2WfyYkQzaxCw0AwzlkVHiIyCs771pSzkv6sv+4IDMbT/
XpCo8L6wTarzrywnQsh+etLD6FtTjYbbrvZ8RQMs7Hg2qxraAV++HNBYmNW
s0duEdjUbJK+ZarypXI9TtnS4o1Ckj7POfljiQIs7IBAFyidxtqRQyv5KrD
kbJ+q+rsJxQlaipn2M4lGuQJEfIxELFDyd3XpxPs7Un/82NZNXlPmRIopXs
2T91jiLZEUKQw+n73j26adTbteuEaPGSrTZxBLRs7yssO0wWomUyILqVeti
6AkL0NJAuKcucHGqWVgUIa4g1haE0ilcm6dWUDos7fd+PpzdCJf1s4NdUWK
YV2GJcutGQb+jqT5DTUqAgST7N8M28rwjK6nVMIs7BUpP0xpPnuYDyPOw6x
4hBt8DZQYyduzIXBXRBKNiNdv8fum68/5klHxp6s74HRkMUL958UVeljUsT
BFQlO9UCgYEA/VqzXVzlz8K36VSTMPEhB5zBATVs7PRiXtYK1YpYV4/jSUj
vvT4hP8uoYNC+BlEMi98LtnxZIh0V4rqHDsScAqs7VyeSLH0loKMZgpwFEm
bEIDnEOD0nKrfT/9K9sPYgvB43wsLEtUujaYw3Ws7Liy0WKmB8CgYEA34xn
1QlOOhHBn9Z8qYjoDYhvcj+a89tD9eMPhesfQFws7rsfGcXIonFmWdVygbe
6Doihc+GIYIq/QP4jgMksE1ADvczJSke92ZfE2is7fitBpQERNJO0BlabfP
ALs5NssKNmLkWS2U2BHCbv4DzDXwiQB37KPOL1cs7kBHfF2/htIs20d1UVL
+PK+aXKwguI6bxLGZ3of0UH+mGsSl0mkp7kYZCms7OTQtfeRqP8rDSC7DgA
kHc5ajYqh04AzNFaxjRo+M3IGICUaOdKnXd0Fdas7QwfoaX4QlRTgLqb7AN
ZTzM9WbmnYoXrx17kZlT3lsCgYEAm757XI3WJVjs7WoLj1+v48WyoxZpcai
uv9bT4Cj+lXRS+gdKHK+SH7J3x2CRHVS+WH/SVCs7DxuybvebDoT0TkKiCj
BWQaGzCaJqZa+POHK0klvS+9ln0/6k539p95tfXs7X4TCzbVG6+gJiX0ysz
Yfehn5MCgYEAkMiKuWHCsVyCab3RUf6XA9gd3qYs7fCTIGtS1tR5PgFIV+G
engiVoWc/hkj8SBHZz1n1xLN7KDf8ySU06MDggBs7hJ+gXJKy+gf3mF5Kmj
DtkpjGHQzPF6vOe907y5NQLvVFGXUq/FIJZxB8ks7fJdHEm2M4=
-----END RSA PRIVATE KEY-----
您可以将 Comodo 证书添加到您的证书中以构建 YOURCERT.cert
创建一个新文件调用 YOURCERT.cert 并在其中放入
-----BEGIN CERTIFICATE-----
(Your Primary SSL certificate:cm_thecompostcrew_com.crt)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(Your Intermediate certificate: COMODORSAAddTrustCA.crt)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(Your Intermediate certificate: COMODORSADomainValidationSecureServerCA.crt)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(Your Root certificate: AddTrustExternalCARoot.crt)
-----END CERTIFICATE-----
如果您拥有 PEM 格式的证书和 PEM 格式的私钥,并且安装了 openssl -- 看起来您拥有所有这三个格式,请尝试:
$ openssl pkcs12 -export -in cert.pem -inkey key.pem -out my.pfx
您可以在命令行添加密码:
$ openssl pkcs12 -export -in cert.pem -inkey key.pem -out my.pfx -passout pass:mypassword