1 解压openssl-0.9.8k_WIN32.zip 到 c:\根目录;解压文件夹如下;
2 打开控制台,并切换到OpenSSL可执行文件所在目录;
3 利用OpenSSL创建.p12测试文件(也就是证书制作过程);详细创建步骤如下;
3.1 生成ca私钥
a) openssl dsaparam -out dsaparam 1024
b) openssl gendsa -out dsakey dsaparam
3.2 生成ca待签名证书
openssl req -new -out ca-req.csr -key dsakey -config ..\openssl.cnf
3.3用CA私钥进行自签名,得到自签名的CA根证书
openssl x509 -req -in ca-req.csr -out ca-cert.cer -signkey dsakey -days 365
3.4至此,自签名CA根证书制作完毕。当前目录下将产生四个文件,分别是:
ca-cert.cer
ca-req.csr
dsakey
dsaparam
3.5 利用OpenSSL把.cer转换为.p12格式;
openssl pkcs12 -export -clcerts -in ca-cert.cer -inkey dsakey -out ca.p12
3.6 检查并确认.p12文件;
4 添加OpenSLL头文件和lib库文件;
VS2008->Tools->Options->Projects and Solutions->VC++ Directories
5创建一个”Win32 Console Application”空的工程,命名为”OpenSSLTester”, 然后添加main.cpp,把如下测试代码添加进去;并且把libeay32.dll,ssleay32.dll和ca.p12添加到此工程文件夹下;
#include
#include
#include
#include
#include
#include
#include
#pragma comment(lib, "libeay32.lib")
#pragma comment(lib, "ssleay32.lib")
static const char *mon[12]=
{
"Jan","Feb","Mar","Apr","May","Jun",
"Jul","Aug","Sep","Oct","Nov","Dec"
};
/* 转换时间并存储到一个缓存区中*/
int UTCTIME_print(char buf[], ASN1_UTCTIME *tm)
{
char* v = NULL;
int gmt = 0;
int i = 0;
int y = 0, M = 0,d = 0,h = 0, m = 0, s = 0;
i = tm->length;
v = (char*)tm->data;
if (i < 10)
{
fprintf(stderr, "Bad time value\n");
}
if (v[i-