-print_certs is the option you want to use to list all of the certificates in the p7b file, you may need to specify the format of the p7b file you are reading.
You can then redirect the output to a new file to build the concatenated list of certificates.
Open the file in a text editor, you will either see Base64 (PEM) or binary data (DER).
openssl x509 -outform DER -in certificate.cer | openssl x509 -inform DER -outform PEM
看看。
The only problem is that any additional certificates in resulted file will not be recognized, as tools don't expect more than one certificate per PEM/DER encoded file. Even openssl itself. Try
openssl x509 -outform DER -in certificate.cer | openssl x509 -inform DER -outform PEM
发布评论
评论(6)
-print_certs 是您要用来列出 p7b 文件中所有证书的选项,您可能需要指定正在读取的 p7b 文件的格式。
然后,您可以将输出重定向到新文件以构建证书的串联列表。
在文本编辑器中打开文件,您将看到 Base64 (PEM) 或二进制数据 (DER)。
http://www.openssl.org/docs/apps/pkcs7.html
-print_certs is the option you want to use to list all of the certificates in the p7b file, you may need to specify the format of the p7b file you are reading.
You can then redirect the output to a new file to build the concatenated list of certificates.
Open the file in a text editor, you will either see Base64 (PEM) or binary data (DER).
http://www.openssl.org/docs/apps/pkcs7.html
所选答案对我不起作用,但已经很接近了。我找到了适合我的教程以及从 StartCom 获得的证书。
在文本编辑器中打开 .p7b。
更改前导和尾部,使文件看起来与此类似:
<前><代码> -----开始 PKCS7-----
[...证书内容在此...]
-----PKCS7结束-----
例如,我的 StartCom 证书以: 开头
,以:
保存并关闭 .p7b。
运行以下 OpenSSL 命令(在撰写本文时适用于 Ubuntu 14.04.4):
<预><代码> openssl pkcs7 -print_certs -in pkcs7.p7b -out pem.cer
输出是带有证书链的 .cer。
参考:http://www.freetutorialssubmit.com/extract-certificates-from- P7B/2206
The selected answer didn't work for me, but it's close. I found a tutorial that worked for me and the certificate I obtained from StartCom.
Open the .p7b in a text editor.
Change the leader and trailer so the file looks similar to this:
For example, my StartCom certificate began with:
and ended with:
Save and close the .p7b.
Run the following OpenSSL command (works on Ubuntu 14.04.4, as of this writing):
The output is a .cer with the certificate chain.
Reference: http://www.freetutorialssubmit.com/extract-certificates-from-P7B/2206
唯一的问题是,结果文件中的任何其他证书都不会被识别,因为工具预计每个 PEM/DER 编码文件不会有多个证书。
甚至 openssl 本身。
亲自尝试
看看。
The only problem is that any additional certificates in resulted file will not be recognized, as tools don't expect more than one certificate per PEM/DER encoded file.
Even openssl itself.
Try
and see for yourself.
如果将 -chain 添加到命令行,它将导出所有链接的证书。
http://www.openssl.org/docs/apps/pkcs12.html
If you add -chain to your command line, it will export any chained certificates.
http://www.openssl.org/docs/apps/pkcs12.html
我在从文件中提取证书时遇到类似的问题。这可能不是最好的方法,但它对我有用。
I had similar problem extracting certificates from a file. This might not be the most best way to do it but it worked for me.
@Magnus 答案的一个版本,将每个证书保存到单独的文件,但也会删除标头
A version of @Magnus answer that saves each certificate to separate file, but also strips headers