ssl证书验证失败

时间:2020-05-31 21:25:23

标签: ssl openssl certificate x509

我拥有服务器CA证书,客户端证书和客户端密钥文件。尝试以以下格式创建PEM文件。

    # client certificate
    -----BEGIN CERTIFICATE-----
    XXXXXXXXXXXMVTXXXXXXXXXXXXBKueuqI6lfYygoKOhJJoXXXXXXXXXXXXXXXXXX
    ...
    XXXXXXXXXXXXXXXXXXXXXXXXhZSZg=
    -----END CERTIFICATE-----

    # Private key
    -----BEGIN PRIVATE KEY-----
    XXXXXXXXXXXMVTXXXXXXXXXXXXBKueuqI6lfYygoKOhJJoXXXXXXXXXXXXXXXXXX
    ...
    XXXXXXXXXXXXXXXXXXhZSZg2Cg6zn
    -----END PRIVATE KEY-----

    # Server CA certificate
    -----BEGIN CERTIFICATE-----
    XXXXXXXXXXXMVTXXXXXXXXXXXXBKueuqI6lfYygoKOhJJoXXXXXXXXXXXXXXXXXX
    ...
    XXXXXXXXXXXMVTXXXXXXXXXXXXBKueuqI6lfYygoKOhJJoXXXXXXXXXXXXXXXXXX
    XXXXXXXXXXXXXXXXXXXXXXXXhZSZgxxxxxxx4gv/5blW3Dc=
    -----END CERTIFICATE-----

在创建PEM文件之前,当我尝试使用openssl验证证书和密钥时,出现以下错误。

  openssl x509 -in clientCert.crt  -text
    unable to load certificate
    4559283820:error:09FFF06C:PEM routines:CRYPTO_internal:no start line:/BuildRoot/Library/Caches/com.apple.xbs/Sources/libressl/libressl-22.260.1/libressl-2.6/crypto/pem/pem_lib.c:683:Expecting: TRUSTED CERTIFICATE

  openssl pkey -in keyfile.key -pubout -outform pem
    unable to load key
    4684559980:error:09FFF064:PEM routines:CRYPTO_internal:bad base64 decode:/BuildRoot/Library/Caches/com.apple.xbs/Sources/libressl/libressl-22.260.1/libressl-2.6/crypto/pem/pem_lib.c:800:

密钥和证书来自受信方。那么有什么主意我在这里做错了吗?

0 个答案:

没有答案
相关问题
最新问题