3
我下载这个包装OpenSSL.Net我将在我的项目其中包括在PKI devellopOpenSSL.Net创建certeficate 509x
- 创建证书personels整合
- 创建一个自签名CA证书
- 与CA签署证书我找不到解决方案
A
回答
1
如果您只是像这样通过Process.Start使用OpenSSL本身,它会快很多:
创建CA:
openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:4096 -out ca.key
openssl req -new -x509 -days 9855 -key ca.key -out ca.crt
openssl x509 -in ca.crt -setalias "Company Name" -out ca.crt
openssl pkcs12 -export -nokeys -name "Company Name" -in ca.crt -out ca_public.pfx
创建签名人员持证上岗:
openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:4096 -out id.key
openssl req -new -key id.key -out id.csr
openssl ca -policy policy_anything -in id.csr -cert ca.crt -keyfile ca.key -out id.crt -days 3650
del id.csr
openssl x509 -in id.crt -setalias "Personnel Name" -out id.crt
openssl pkcs12 -export -name "Personnel Name" -in id.crt -inkey id.key -out id.pfx
openssl pkcs12 -export -nokeys -name "Personnel Name" -in id.crt -out id_public.pfx
5
您可以使用X509CertificateAuthority和x509证书类来创建使用OpenSSL.NET编程的SSL证书。 您可以在below link.
###################################################
// Create a configuration object using openssl.cnf file.
OpenSSL.X509.Configuration cfg = new OpenSSL.X509.Configuration("Path to your openssl configuration file i.e. openssl.cnf");
// Create a root certificate authority which will have a self signed certificate.
OpenSSL.X509.X509CertificateAuthority RootCA = OpenSSL.X509.X509CertificateAuthority.SelfSigned(cfg, new SimpleSerialNumber(),"Disinguish name for your CA", DateTime.
Now, TimeSpan.FromDays(365));
// If you want the certificate of your root CA which you just create, you can get the certificate like this.
X509Certificate RootCertificate = rootCA.certificate;
// Here you need CSR(Certificate Signing Request) which you might have already got it from your web server e.g. IIS7.0.
string strCSR = System.IO.File.ReadAllText(@"Path to your CSR file");
// You need to write the CSR string to a BIO object as shown below.
OpenSSL.Core.BIO ReqBIO = OpenSSL.Core.BIO.MemoryBuffer();
ReqBIO.Write(strCSR);
// Now you can create X509Rquest object using the ReqBIO.
OpenSSL.X509.X509Request Request = new OpenSSL.X509.X509Request(reqBIO);
// Once you have a request object, you can create a SSL Certificate which is signed by the self signed RootCA.
OpenSSL.X509.X509Certificate certificate = RootCA.ProcessRequest(Request, DateTime.Now, DateTime.Now + TimeSpan.FromDays(365));
// Now you can save this certificate to your file system.
FileStream fs = new FileStream("Path to your file where you want to create the certificate with file name", FileMode.Create, FileAccess.ReadWrite);
BinaryWriter bw = new BinaryWriter(fs);
BIO bio = BIO.MemoryBuffer();
certificate.Write(bio);
string certString = bio.ReadString();
bw.Write(certString);
##############################################
+0
在ProcessRequest函数的当前版本的ManagedOpenSsl(0.6.1.0)中,您应该将您的配置对象(openssl.cnf)和该部分的名称(如“v3_ca”) CA:真实的扩展,例如)。它并不那么明显。 – Andark 2017-01-25 09:11:02
相关问题
- 1. OpenSSL.NET创建PFX
- 2. 如何使用OpenSSL.net创建证书
- 3. 使用Openssl.net创建PKCS12文件
- 4. OpenSSL.NET DES函数
- 5. 使用OpenSSL.net签署证书的问题
- 6. 为什么.NET不能找到OpenSSL.NET DLL?
- 7. 我在哪里可以找到有关OpenSSL.Net的文档
- 8. 用现有密钥解密使用OpenSSL.NET的RSA
- 9. OpenSSL.NET无法使用空密码导出私钥
- 10. OpenSSL.NET将Ruby示例移植到C#(来自RailsCasts 143 paypal-security)
- 11. openssl.net rsa加密需要的工作示例
- 12. 创建位创建
- 13. 创建或sudo创建odoo
- 14. 创建PHP创建图像
- 15. Form_tag'创建'vs'/创建'
- 16. 创建脚本PDF创建
- 17. 创建创建空对象
- 18. 创建在Eclipse中创建
- 19. 如何使用OpenSSL.Net C#包装器对AES字符串进行加密?
- 20. 创建
- 21. 创建
- 22. 创建
- 23. 创建
- 24. 创建
- 25. 创建
- 26. 创建
- 27. 创建
- 28. 创建
- 29. 创建
- 30. 创建
找到示例代码谢谢 我知道,但我使用C#。网络编程作为我的项目的工具 我发现包装openssl.net 我知道这些原因实施 但我找不到命令 代码行来创建CA和certeficat certeficat使个人,然后签署证书CA – user721036 2011-04-23 21:02:42
实际上,我也无法帮助。也许搜索OpenSSL.Net教程可能会发现一些有用的东西。 – 2011-04-23 22:54:14
Google已经无法解决我的问题 – user721036 2011-04-23 23:16:53