如何从CRT文件中获取PFX
IIS和TOMCAT(HTTPS)需要.pfx文件。
有几个.crt文件:
- aaacertificateservices.crt
- private.key
- sectigorsadomainvalidationsecureserverca.crt
- star_domain_com.crt
- userTroustrustrustrsaaaaaca.crt
如何使用OpenSSL从上面的文件中获取.pfx文件?
我尝试过这样的尝试:
openssl pkcs12 -export -in STAR_domain_com.crt -inkey private.key -out STAR_domain_com.pfx
但是认证链
结果不完整,我看不到认证链: 空的认证链
我想让我像让我们加密添加: 有效认证链
The .PFX file is required for IIS and Tomcat (HTTPS).
There are several .CRT files:
- AAACertificateServices.crt
- private.key
- SectigoRSADomainValidationSecureServerCA.crt
- STAR_domain_com.crt
- USERTrustRSAAAACA.crt
How can I get a .PFX file from the above files using openssl?
I tried it like this:
openssl pkcs12 -export -in STAR_domain_com.crt -inkey private.key -out STAR_domain_com.pfx
but the certification chain is incomplete
As a result, I don't see the certification chain:
empty certification chain
I want to get like for Let's Encrypt:
valid certification chain
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
要将.crt转换为.pfx,我们需要托管提供商提供的CSA证书(私钥)。以下是转换以下步骤:
下载并根据您的下面的链接下面安装OpenSSL软件
系统类型 https://slproweb.com/products/win32222openssl.html.html.html
openssl pkcs12 -export -Out证书
或openssl pkcs12 -export -Out证书
-in
.pfx -inkey
privateKey.txt > cacert.crt =
networksolutions_ca.crt证书.pfx是生成文件的新名称。privateKey可以在中.key或.txt格式完成此过程后,我们拥有
cetide.pfx文件,因此转到IIS Manager中的IIS服务器证书。右侧有一个导入链接按钮,单击此,然后选择转换后的证书,然后输入在创建
.pfx文件时输入的密码,然后完成该过程。现在,在IIS上选择您的站点,然后右键单击此网站,选择“编辑绑定”,然后在“新弹出窗口”上选择
https://和“ hosting name”是您的域名和所有其他字段就是这样,单击确定以完成此过程。现在,重新启动IIS,您的证书在您的网站上正常工作。
https://stackoverflow.com/a/a/12798206/133366642
To convert .crt to .pfx, we need CSA certificate (Private Key) provided by hosting provider. Below are the steps to convert this:
Download and install OpenSSL software from below link based on your
system type https://slproweb.com/products/Win32OpenSSL.html
Run the following command on command prompt:
openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt -certfile CACert.crtOR
openssl pkcs12 -export -out certificate.pfx -inkey privateKey.txt -in certificate.crt -certfile CACert.crtHere:
Certificate.crt=Your-domain-Name.crtCACert.crt=NetworkSolutions_CA.crtcertificate.pfxis the new name of generated file.PrivateKeycan be in.keyor.txtformatAfter completing this process now we have
certificate.pfxfile so go to IIS Server certificates in IIS Manager.There is an import link button on right side, click on this and select the converted certificate and enter password which is enter at the time of creation of the
.pfxfile and complete the process.Now select your site on IIS and right click on this, select "Edit Binding" and on the new popup window select type as
https://and "Hosting name" is your domain name and all other field is as it is, click on ok to complete this process.Now restart IIS and your certificate is working fine with your site.
https://stackoverflow.com/a/12798206/13336642