我想使用perl中现有的cacert和cakey来签署我的密钥。
通过在perl中编写sub sign函数,我可以签署我的密钥。
函数调用my $cert = sign( $req, ca_cert($root), ca_key($root) );的示例
所以我的问题是如何编写这个签名函数。它的程序是什么。
任何线索将受到高度赞赏。
我已通过以下方式创建了证书,但使用此创建的证书无效,我收到“curl:(35)SSL连接错误”
cmd($openssl ca -batch -notext "."-config $config
-startdate 700101000001Z "."-enddate 491231235959Z "."-infiles $reqfile);
其中
$reqfile is certkey
$config is configs required for cert.
my $config = write_file(<<"CONFIG");
[ ca ]
default_ca = CA_default # The default ca section
[ CA_default ]
dir = $dir # top dir
database = $dir/index.txt # index file.
new_certs_dir = $dir/newcerts # new certs dir
certificate = $ca_cert # The CA cert
serial = $dir/serial # serial no file
private_key = $ca_key # CA private key
RANDFILE = $dir/private/.rand # random number file
default_crl_days= 30 # how long before next CRL
default_md = md5 # md to use
policy = policy_any # default policy
[ policy_any ]
countryName = supplied
stateOrProvinceName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
CONFIG