使用Openssl查看证书是DER and PEM(BASE64)编码

请到官方下载openssl

https://www.openssl.org/source/

下载到本地之后解压,将要查看的证书放到openssl目录下

使用Openssl查看证书是DER and PEM(BASE64)编码_第1张图片


打开command窗口

使用Openssl查看证书是DER and PEM(BASE64)编码_第2张图片


具体命令请参考下文:

One way to verify if "keytool" did export my certificate using DER and PEM formats correctly or not is to use "OpenSSL" to view those certificate files. To do this, I used the "openssl x509" command to view keytool_crt.der and keytool_crt.pem:

>openssl x509 -in keytool_crt.pem -inform pem -noout -text

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1185636568 (0x46ab60d8)
        Signature Algorithm: dsaWithSHA1
        Issuer: C=CA, ST=Herong State, L=Herong City, ...
        ...

>openssl x509 -in keytool_crt.der -inform der -noout -text

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1185636568 (0x46ab60d8)
        Signature Algorithm: dsaWithSHA1
        Issuer: C=CA, ST=Herong State, L=Herong City, ...
        O=Herong Company, OU=Heron
        ...

Cool. "OpenSSL" can read certificates in DER and PEM formats generated by "keytool". What I learned so far:

  • "keytool" can generate self-signed X5.09 version 3 certificates.
  • "keytool" can export certificates with DER and PEM formats.
  • "OpenSSL" can read certificates generated by "keytool" in both DER and PEM formats.

你可能感兴趣的:(使用Openssl查看证书是DER and PEM(BASE64)编码)