关键命令:
openssl pkcs8 -topk8 -inform PEM -in PKCS1.pem -outform PEM -nocrypt -out PKCS8.pem
PKCS1格式的私钥
-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQDlUT8SqmIOhHUKAZGFRHOafTVV1jbXO7W9LC5OVQWpHgTNdrUo
LlHoMfwGwX77vjKiObkvJitSux1huD6xAEmMYCbD0EGz9GWUqWXvxcc4awk0qdcK
NI1muKgo+m314FbeLEnvRObL12pTkOTgdKEQ2paLIj57uuvGTgtwgbbzSwIDAQAB
AoGAXLCcZ/UKsYeEr0i3A0EJ4TYe6tUtUY5HBXHoPa1MHnGNy2biDp26abpafniT
1Tmpyby/R3mMJWKQm8EXRgAxuZHiyD3Ijsbs+29pESxp7VVy+hGdRmGwZWDh3UAR
kAqvQKaihULydXBzCC5dINh6J0akyK0wsoQFG7yCGm3/RjECQQD6OpOdVEEqkVNn
C99E3Fk8EH7nTaZ+2+i0Qca9N4Q7aM5+qZ5waUp4EH+gD5XGOcEVW757Y5cq7xr5
i6bpjSplAkEA6psz2LJMlPMtIohyNj4Zz70+BFXwMi2CkPX4dRULQt3BOg1xYjTK
HU1pxxJqJrER39MShd49SmPsC0k8Es1z7wJAPe8TrEQ3YO7ZYs74cxXK7Gf00RFS
HWIWxc7l/t1n2ECHo6gd9BrLeM40mIxi+M5AsSWlDutGdjT6Szu6k2ICVQJBAOf0
I0Kwpn7uH0XxWdq/c42tMU/gF+fEjz77sncwIz4tOgpHmD7cqqhmDZtBXap7j4yY
h8vLexW9zXcrJTYB5AkCQQDsOGFbNSJ7pB4UQ7DFlyM2hIZK2EI2x8BM4NMcWUJ5
H/Pre/iZ36wI9nyGq3LKKvyeAk25jYVTbV/t1nUsFi5k
-----END RSA PRIVATE KEY-----
PKCS1格式的私钥格式是
-----BEGIN RSA PRIVATE KEY----- ....... -----END RSA PRIVATE KEY-----`
将PKCS1转成PKCS8
-
将PKCS1格式的私钥粘贴到文本编辑器中,然后存储为PKCS1.pem文件,如下图
存储为PKCS1.pem -
生成的pem文件如下
PKCS1.pem 打开终端
cd切换到PKCS1.pem所在的路径,并使用下面的命令将PKCS1.pem转成PKCS8.pem
openssl pkcs8 -topk8 -inform PEM -in PKCS1.pem -outform PEM -nocrypt -out PKCS8.pem
-
这样就把PKCS1转换成啦PKCS8,如下图
PKCS1.pem和PKCS8.pem 在终端输入
cat PKCS8.pem,可以看到PKCS8里面的内容如下
-----BEGIN PRIVATE KEY-----
MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAOVRPxKqYg6EdQoB
kYVEc5p9NVXWNtc7tb0sLk5VBakeBM12tSguUegx/AbBfvu+MqI5uS8mK1K7HWG4
PrEASYxgJsPQQbP0ZZSpZe/FxzhrCTSp1wo0jWa4qCj6bfXgVt4sSe9E5svXalOQ
5OB0oRDalosiPnu668ZOC3CBtvNLAgMBAAECgYBcsJxn9Qqxh4SvSLcDQQnhNh7q
1S1RjkcFceg9rUwecY3LZuIOnbppulp+eJPVOanJvL9HeYwlYpCbwRdGADG5keLI
PciOxuz7b2kRLGntVXL6EZ1GYbBlYOHdQBGQCq9ApqKFQvJ1cHMILl0g2HonRqTI
rTCyhAUbvIIabf9GMQJBAPo6k51UQSqRU2cL30TcWTwQfudNpn7b6LRBxr03hDto
zn6pnnBpSngQf6APlcY5wRVbvntjlyrvGvmLpumNKmUCQQDqmzPYskyU8y0iiHI2
PhnPvT4EVfAyLYKQ9fh1FQtC3cE6DXFiNModTWnHEmomsRHf0xKF3j1KY+wLSTwS
zXPvAkA97xOsRDdg7tlizvhzFcrsZ/TREVIdYhbFzuX+3WfYQIejqB30Gst4zjSY
jGL4zkCxJaUO60Z2NPpLO7qTYgJVAkEA5/QjQrCmfu4fRfFZ2r9zja0xT+AX58SP
PvuydzAjPi06CkeYPtyqqGYNm0FdqnuPjJiHy8t7Fb3NdyslNgHkCQJBAOw4YVs1
InukHhRDsMWXIzaEhkrYQjbHwEzg0xxZQnkf8+t7+JnfrAj2fIarcsoq/J4CTbmN
hVNtX+3WdSwWLmQ=
-----END PRIVATE KEY-----
PKCS8格式的私钥
PKCS8格式的私钥格式如下
-----BEGIN PRIVATE KEY----- ............ -----END PRIVATE KEY-----
附:openssl
- 生成RSA私钥
openssl genrsa -out private.pem 1024
生成的是pkcs1格式的长度为1024的私钥
- 根据私钥生成对应的公钥
openssl rsa -in private.pem -pubout -out public.pem
- 生成证书请求文件rsaCertReq.csr
openssl req -new -key private.pem -out rsaCerReq.csr
生成证书求情文件需要根据提示输入一些信息。只需要跟着提示一步步走就行啦
- 生成证书rsaCert.crt,并设置有效时间为10年
openssl x509 -req -days 3650 -in rsaCerReq.csr -signkey private.pem -out rsaCert.crt
- 生成供iOS使用的公钥文件public_key.der
openssl x509 -outform der -in rsaCert.crt -out public.der
- 生成供iOS使用的私钥文件private_key.p12
openssl pkcs12 -export -out private.p12 -inkey private.pem -in rsaCert.crt
生成p12需要设置密码
