//合并证书和私钥
openssl pkcs12 -export -in cer.cer -out all.p12 -inkey key.key
//查看私钥信息
openssl rsa -noout -text -in key.key
//验证证书颁发者
openssl verify -CAfile ca.cer cer.cer
//转换der成pem(Base64编码)
openssl x509 -inform der -in cer.der -outform pem -out out.pem
//转换pem成der(二进制流)
openssl x509 -inform pem -in cer.pem -outform der -out out.der
//openssl smime验证
openssl pkcs12 -export -in cer.cer -out all.p12 -inkey key.key
//查看私钥信息
openssl rsa -noout -text -in key.key
//验证证书颁发者
openssl verify -CAfile ca.cer cer.cer
//转换der成pem(Base64编码)
openssl x509 -inform der -in cer.der -outform pem -out out.pem
//转换pem成der(二进制流)
openssl x509 -inform pem -in cer.pem -outform der -out out.der
//openssl smime验证
openssl smime -verify -in signed_base64_dec -inform DER -CAfile rootca.cer
//验证证书与私钥是否匹配
openssl.exe s_server -cert ipsecvpn.pem -key ipsecvpn.key
提取CRT文件:
openssl pkcs12 -in {$certificatename} -out {$crtfile} -clcerts -nokeys -passin pass:{$pass}
提取KEY:
openssl pkcs12 -in {$certificatename} -out {$keyfile} -nocerts -nodes -passin pass:{$pass}
加载Engine:
OpenSSL> engine -t dynamic -pre SO_PATH:./libpkcs11.dll -pre LIST_ADD:1 -pre LOAD