我正在尝试动态生成RSA X509公钥/私钥, 以下是我如何使用openssh命令行执行此操作:
openssl genrsa -out privatekey.pem 1024
openssl req -new -x509 -key privatekey.pem -out publickey.cer -days 1825
openssl pkcs12 -export -out public_privatekey.pfx -inkey privatekey.pem -in publickey.cer
我还如何添加密码来加密私钥?
我只到了这里
//Generate a public/private key pair.
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
//Save the public key information to an RSAParameters structure.
RSAParameters rsaKeyInfo = rsa.ExportParameters(true);
我使用过this类,但是它不会生成有效的SSL,当我将其提交到开发人员门户时,它没有被接受为有效的公共密钥:developer.xero.com/myapps
致谢
答案 0 :(得分:2)
请注意,我已经将createInstance类替换为推荐的RSACryptoServiceProvider基类,该基类是跨平台的,并且也是better RSA implementation。
这SO question使我朝着正确的方向前进。
RSA我已经在xero上测试了生成的using (var rsa = RSA.Create(1024))
{
var distinguishedName = new X500DistinguishedName($"CN=SelfSignedCertificate");
var request = new CertificateRequest(distinguishedName, rsa, HashAlgorithmName.SHA256,RSASignaturePadding.Pkcs1);
var certificate = request.CreateSelfSigned(DateTimeOffset.Now, DateTimeOffset.Now.AddDays(1825));
// Create PFX (PKCS #12) with private key
File.WriteAllBytes("privatekey.pfx", certificate.Export(X509ContentType.Pfx, "RGliXtaLkENste"));
// Create Base 64 encoded CER (public key only)
File.WriteAllText("publickey.cer",
"-----BEGIN CERTIFICATE-----\r\n"
+ Convert.ToBase64String(certificate.Export(X509ContentType.Cert), Base64FormattingOptions.InsertLineBreaks)
+ "\r\n-----END CERTIFICATE-----");
}
文件,因此它应该可以工作