第一步:生成密钥文件test-rsa.key,512位
genrsa -out test-rsa.key 512
第二步:生成公钥文件test-public-rsa.cer(有效期28480天,80年)
openssl req -new -x509 -key test-rsa.key -days 28480 -out test-public-rsa.cer
第三步:生成私钥文件test-private-rsa.pfx(别名test),设置密码:test
openssl pkcs12 -export -name test -in test-public-rsa.cer -inkey test-rsa.key -out test-private-rsa.pfx
第四步:从pfx私钥文件中导出pem格式私钥:
openssl pkcs12 -in test-private-rsa.pfx -nocerts -nodes -out temp-private-rsa.key
openssl rsa -in temp-private-rsa.key -out private-rsa.key
第五步:
记事本打开private-rsa.key,复制出来,到网站http://superdry.apphb.com/tools/online-rsa-key-converter上去,将PEM格式转成XML格式,这个XML的密钥就是私钥。
私钥格式如下:
<RSAKeyValue><Modulus>zVNUq6T5u07Fib3UhC9OMKv/PjKj/E0O6fy4YznL+dkpQkDYaFGCKoU4tB2RyIbkJF9RI+pf7O0YGWMQF7P5Xw==</Modulus><Exponent>AQAB</Exponent><P>8sUDuVCK2omhmN5wQ9OsufN36QJLSqc5Fp4cvZN3j+s=</P><Q>2IPq2Ynpcbq/p5E6ozfojuTcKudGWL42rmRNgely010=</Q><DP>oJyTMCEHHDn9/UL8hwMdvRBEfpWT9lnXvQzx+sH7Ue0=</DP><DQ>iuUFcYwxP44niJ132mDxRUm3m6ZF0IQlm/YoaqCR0tk=</DQ><InverseQ>xIUWCkuqpt2uYgUtNWmQ5SQ+vRe5f/MOBIyn7Mcwd3M=</InverseQ><D>qx6m80JUK0n0Ed7Wba/rL185I0IbLxudsV7A4Vl66OcX18E8XIYe9IXH1GvoZf3KGq9HQQhRX24QQJXvbQFSiQ==</D></RSAKeyValue>
其中去掉如下部分,剩下的就是公钥:
<P>8sUDuVCK2omhmN5wQ9OsufN36QJLSqc5Fp4cvZN3j+s=</P><Q>2IPq2Ynpcbq/p5E6ozfojuTcKudGWL42rmRNgely010=</Q><DP>oJyTMCEHHDn9/UL8hwMdvRBEfpWT9lnXvQzx+sH7Ue0=</DP><DQ>iuUFcYwxP44niJ132mDxRUm3m6ZF0IQlm/YoaqCR0tk=</DQ><InverseQ>xIUWCkuqpt2uYgUtNWmQ5SQ+vRe5f/MOBIyn7Mcwd3M=</InverseQ><D>qx6m80JUK0n0Ed7Wba/rL185I0IbLxudsV7A4Vl66OcX18E8XIYe9IXH1GvoZf3KGq9HQQhRX24QQJXvbQFSiQ==</D>