openssl生成证书
-
生成CA私钥
openssl ecparam -genkey -name SM2 -out ca.key.pem -noout -
证书请求
openssl req -new -key ca.key.pem -out ca.cert.req -subj “/CN=rtems-strongswan-CA” -
生成证书
openssl x509 -req -days 3650 -in ca.cert.req -signkey ca.key.pem -out ca.cert.pem -
生成目标私钥
openssl ecparam -genkey -name SM2 -out carolKey.pem -noout -
证书请求
openssl req -new -key carolKey.pem -out carolCert.req -subj “/CN=rtems-strongswan-carol” -
生成证书
openssl x509 -req -days 3650 -in carolCert.req -CA ca.cert.pem -CAkey ca.key.pem -out carolCert.pem -
查看私钥密钥格式ASN.1内容
openssl asn1parse -in openssl_dave.key -
查看证书内容
openssl x509 -in openssl_dave.pem -noout -text
)
)
)
 -> 动态修改编译配置)