Overview
- Thinking, if you have a MAC computer, don’t bother, just use a MAC computer, just use openssl without installation
This article mainly talks about the basic usage of openssl. The development environment is windows and the development tool is VS2019. This article mainly explains how to use openssl and does not introduce any theoretical knowledge. If you don’t understand anything, please go to Baidu. Personally, I recommend the next everything query tool. It is really easy to use and much faster than the query that comes with window. You can query the files you want
OPENSSL installation
There are many installation procedures on the Internet, OPENSSL installation, pay attention to the version and bit number of OPENSSL you installed (32-bit or 64-bit). If I installed 64-bit openssl, the installation directory is D:\Program Files\OpenSSL-Win64. You can choose your installation directory. After the installation is complete, check the installed openssl version and enter openssl version using the console.
1. Download
Open the official website
https://www.openssl.org
Find the corresponding version to download. Here is the 64-bit version of Windows.
2. Unzip
3.Use
There will be many follow-up steps in Baidu, such as: (I'm sorry that this is unfinished, because I have been busy recently, so you can refer to the steps I found for you, or you can use a MAC computer directly, no installation is required. This OPENSSL can be used directly with commands~~)
https://blog.csdn.net/zkz10086/article/details/81567509
https:// blog.csdn.net/q13554515812/article/details/92083595
https://www.cnblogs.com/wyt007/p/8022199.html
https: //www.jianshu.com/p/78bd18af06a0
https://www.cnblogs.com/dingshaohua/p/12271280.html
https:// blog.csdn.net/abcd552191868/article/details/126985198
4. Commonly used commands
version 用于查看版本信息
enc 用于加解密
ciphers 列出加密套件
genrsa 用于生成私钥
rsa RSA密钥管理(例如:从私钥中提取公钥)
req 生成证书签名请求(CSR)
crl 证书吊销列表(CRL)管理
ca CA管理(例如对证书进行签名)
dgst 生成信息摘要
rsautl 用于完成RSA签名、验证、加密和解密功能
passwd 生成散列密码
rand 生成伪随机数
speed 用于测试加解密速度
s_client 通用的SSL/TLS客户端测试工具
X509 X.509证书管理
verify X.509证书验证
pkcs7 PKCS#7协议数据管理
Convert DER to PEM
openssl x509 -inform der -in certificate.der -out certificate.pem
Convert PEM to DER
openssl x509 -outform der -in certificate.pem -out certificate.der
Convert PEM to P7B
openssl crl2pkcs7 -nocrl -certfile certificate.cer -out certificate.p7b -certfile CACert.cer
Convert PEM to PFX
openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt -certfile CACert.crt
Convert P7B to PEM
openssl pkcs7 -print_certs -in certificate.p7b -out certificate.cer
Convert PFX to PEM
openssl pkcs12 -in certificate.pfx -out certificate.cer -nodes
Convert P7B to PFX
openssl pkcs7 -print_certs -in certificate.p7b -out certificate.cer
That’s all for today~
- Friends, ( ̄ω ̄( ̄ω ̄〃 ( ̄ω ̄〃)ゝSee you tomorrow~~
- Everyone, please be happy every day
Everyone is welcome to point out areas that need correction in the article~
There is no end to learning and win-win cooperation