在 Windows 上创建 OpenSSL 证书
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/2355568/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Create a OpenSSL certificate on Windows
提问by Ben Fransen
Since I'm very new to SSL certificates, and the creation and usage of them I figured maybe StackOverflow members can help me out.
由于我对 SSL 证书以及它们的创建和使用非常陌生,我想也许 StackOverflow 成员可以帮助我。
I'm from Holland, the common way of online payments is by implementing iDEAL. An online payment protocol supported by the major banks. I have to implement a 'professional' version. This includes creating a RSA private key. Based on that key I have to create a certificate and upload it to the webserver.
我来自荷兰,在线支付的常见方式是实施 iDEAL。主要银行支持的在线支付协议。我必须实施“专业”版本。这包括创建 RSA 私钥。基于该密钥,我必须创建一个证书并将其上传到网络服务器。
I'm on a Windows machine and completely confused what to do. I took a look at the OpenSSL website, because the manual forwarded me to that website to get a SSL Toolkit.
我在一台 Windows 机器上,完全不知道该怎么做。我查看了 OpenSSL 网站,因为手册将我转发到该网站以获取 SSL 工具包。
The manual provides two commands which have to be executed in order to create a RSA key and a certificate.
该手册提供了两个必须执行的命令才能创建 RSA 密钥和证书。
The commands are:
命令是:
openssl genrsa -des3 –out priv.pem -passout pass:myPassword 1024
openssl genrsa -des3 –out priv.pem -passout pass:myPassword 1024
and
和
openssl req -x509 -new -key priv.pem -passin pass:myPassword -days 3650 -out cert.cer
openssl req -x509 -new -key priv.pem -passin pass:myPassword -days 3650 -out cert.cer
Is there a way I can do this by a utility on a windows machine? I've downloaded PuTTy KeyGenerator. But I'm not sure what to do, I've created a key (SSH-2 RSA, whatever that is..) but how do I create a certificate with that key?
有没有办法通过 Windows 机器上的实用程序来做到这一点?我已经下载了 PuTTy KeyGenerator。但我不知道该怎么做,我已经创建了一个密钥(SSH-2 RSA,无论是什么......)但是我如何使用该密钥创建证书?
采纳答案by Adam Batkin
You can download a native OpenSSL for Windows, or you can always use Cygwin.
您可以下载适用于 Windows的本机OpenSSL,也可以始终使用Cygwin。
回答by alexkb
If you're on windows and using apache, maybe via WAMP or the Drupal stack installer, you can additionally download the git for windowspackage, which includes many useful linux command line tools, one of which is openssl.
如果您在 Windows 上使用 apache,也许通过 WAMP 或 Drupal 堆栈安装程序,您还可以下载git for windows包,其中包括许多有用的 linux 命令行工具,其中之一是 openssl。
The following command creates the self signed certificate and key needed for apache and works fine in windows:
以下命令创建 apache 所需的自签名证书和密钥,并在 Windows 中正常工作:
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout privatekey.key -out certificate.crt
回答by Dima Stopel
Consider using certificate depot web app to easily create private key and certificate based on it: http://www.cert-depot.com/
考虑使用证书库 Web 应用程序轻松创建基于它的私钥和证书:http: //www.cert-depot.com/
It can also create a PFX for you.
它还可以为您创建 PFX。
Disclaimer: I am the creator of certificate depot.
免责声明:我是证书仓库的创建者。
回答by teewuane
To create a self signed certificate on Windows 7 with IIS 6...
要使用 IIS 6 在 Windows 7 上创建自签名证书...
Open IIS
Select your server (top level item or your computer's name)
Under the IIS section, open "Server Certificates"
Click "Create Self-Signed Certificate"
Name it "localhost" (or something like that that is not specific)
Click "OK"
打开 IIS
选择您的服务器(顶级项目或您的计算机名称)
在 IIS 部分下,打开“服务器证书”
点击“创建自签名证书”
将其命名为“localhost”(或类似的不具体的名称)
点击“确定”
You can then bind that certificate to your website...
然后,您可以将该证书绑定到您的网站...
Right click on your website and choose "Edit bindings..."
Click "Add"
- Type: https
- IP address: "All Unassigned"
- Port: 443
- SSL certificate: "localhost"
Click "OK"
Click "Close"
右键单击您的网站并选择“编辑绑定...”
点击“添加”
- 类型:https
- IP 地址:“全部未分配”
- 端口:443
- SSL 证书:“本地主机”
点击“确定”
点击“关闭”
