概念:cer == 证书 == 公钥key == 私钥;pem == cer + key
步骤:
生成不同类型的密钥:
- 1.生成RSA私钥(无加密)
openssl genrsa -out rsa_private.key 2048
- 2.生成RSA公钥
openssl rsa -in rsa_private.key -pubout -out rsa_public.key
- 3.生成RSA私钥(使用aes256加密)
openssl genrsa -aes256 -passout pass:111111 -out rsa_aes_private.key 2048
生成自签名证书:
openssl req -new -x509 -days 3650 -key rsa_private.key -out cert.crt -config ..\conf\openssl.cnf