使用OpenSSL API将.crt转换为.pem

时间:2014-10-01 13:38:10

标签: c api openssl pem crt

有人能告诉我如何使用openssl API将.crt文件转换为.pem文件吗? 我试过这样的话:

FILE *fl = fopen(cert_filestr, "r");
fseek(fl, 0, SEEK_END);
long len = ftell(fl);
char *ret = malloc(len);
fseek(fl, 0, SEEK_SET);
fread(ret, 1, len, fl);
fclose(fl);
BIO* input = BIO_new_mem_buf((void*)ret, sizeof(ret));
x509 = d2i_X509_bio(input, NULL);
FILE* fd = fopen(certificateFile, "w+");
BIO* output = BIO_new_fp(fd, BIO_NOCLOSE);
X509_print_ex(output, x509, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
fclose(fd);

但这不起作用,x509始终为NULL。

1 个答案:

答案 0 :(得分:1)

.crt certificate“可以编码为二进制DER或ASCII PEM。” (见http://info.ssl.com/article.aspx?id=12149)。

如果.crt文件已经过PEM编码,则无需转换,只需将文件名从.crt更改为.pem。

如果它被编码为DER,请将其转换为PEM,如下例所示:

X509* x509 = NULL;
FILE* fd = NULL,*fl = NULL;

fl = fopen(cert_filestr,"rb");
if(fl) 
{
    fd = fopen(certificateFile,"w+");
    if(fd) 
    {
        x509 = d2i_X509_fp(fl,NULL);
        if(x509) 
        {
            PEM_write_X509(fd,x509);
        }
        else 
        {
           printf("failed to parse to X509 from fl");
        }
        fclose(fd);
    }
    else
    {
        printf("can't open fd");
    }
   fclose(fl);
}
else 
{
    printf("can't open f");
}
相关问题
最新问题