如何通过java确保服务器证书是使用哪个私钥创建的
客户使用下面的 openssl 命令创建了密钥和证书
openssl req -newkey rsa:1024 -sha1 -keyout OCkey.pem -out OCreq.pem -subj "/C=country/L=city/O=OCserver/OU=myLab/CN=OCserverName/" -config req.conf
openssl ca -in OCreq.pem -cert CAcert.pem -keyfile CAkey.pem -out OCcert.pem -days 3650 -config sign.conf -extfile sign.ext -md sha1 -notext
所以他们给了我证书(OCcert.pem)和私钥(OCkey.pem)。
如何确保 OCcert.pem 是使用 Java 通过 OCkey.pem 创建的?
注意:我不能要求客户更改 ssl 命令。
请帮忙。
Customer has created key and certificate using openssl command below
openssl req -newkey rsa:1024 -sha1 -keyout OCkey.pem -out OCreq.pem -subj "/C=country/L=city/O=OCserver/OU=myLab/CN=OCserverName/" -config req.conf
openssl ca -in OCreq.pem -cert CAcert.pem -keyfile CAkey.pem -out OCcert.pem -days 3650 -config sign.conf -extfile sign.ext -md sha1 -notext
So they have given me the certificate(OCcert.pem) and private key (OCkey.pem).
How to ensure that OCcert.pem is created through OCkey.pem using Java?
Note :I can't ask customer to change the ssl command.
Please help.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
为什么?他们应该立即扔掉该私钥,因为它已被泄露。这次演习的目的是什么?
Why? They should throw that private key away immediately, it is compromised. What was the purpose of this exercise?