我已经苦苦挣扎了几天并尝试了多种方法,但似乎无法让它发挥作用。我通过https://cheapsslsecurity.com/从Comodo购买了基本的SSL证书。我使用他们的免费工具(https://cheapsslsecurity.com/ssltools/csr-generator.php)生成了CSR,它提供了证书请求和私钥。当我下载证书时,我得到以下文件:
AddTrustExternalCARoot.crt
COMODORSAAddTrustCA.crt
COMODORSADomainValidationSecureServerCA.crt
cm_thecompostcrew_com.crt
我需要pfx格式才能上传到Azure,因为这是托管我的webapp的地方。我尝试过使用DigiCert工具,但是说无法找到私钥,我不知道如何向它显示包含它的txt文件。然后我尝试导入MMC,然后导出到pfx,但该选项显示为灰色。我做错了什么或者我错过了什么?
答案 0 :(得分:6)
在您的计算机上安装openssl。
Windows(http://www.slproweb.com/products/Win32OpenSSL.html)
或Linux apt-get install openssl
然后
openssl pkcs12 -inkey YOURPRIVATEKEY.pem -in YOURCERT.cert -export -out YOURNEWPFX.pfx
回复您的评论 您的私钥应如下所示。你不希望在文件之前或之后有任何额外的东西。扩展并不重要。它只是一个文本文件。
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEA3Tz2mr7SZiAMfQyuvBjM9Ois7Z1BjP5CE/Wm/Rr500P
RK+Lh9x5eJPo5CAZ3/ANBE0sTK0ZsDGMak2m1g7s73VHqIxFTz0Ta1d+NAj
wnLe4nOb7/eEJbDPkk05ShhBrJGBKKxb8n104o/s7PdzbFMIyNjJzBM2o5y
5A13wiLitEO7nco2WfyYkQzaxCw0AwzlkVHiIyCs771pSzkv6sv+4IDMbT/
XpCo8L6wTarzrywnQsh+etLD6FtTjYbbrvZ8RQMs7Hg2qxraAV++HNBYmNW
s0duEdjUbJK+ZarypXI9TtnS4o1Ckj7POfljiQIs7IBAFyidxtqRQyv5KrD
kbJ+q+rsJxQlaipn2M4lGuQJEfIxELFDyd3XpxPs7Un/82NZNXlPmRIopXs
2T91jiLZEUKQw+n73j26adTbteuEaPGSrTZxBLRs7yssO0wWomUyILqVeti
6AkL0NJAuKcucHGqWVgUIa4g1haE0ilcm6dWUDos7fd+PpzdCJf1s4NdUWK
YV2GJcutGQb+jqT5DTUqAgST7N8M28rwjK6nVMIs7BUpP0xpPnuYDyPOw6x
4hBt8DZQYyduzIXBXRBKNiNdv8fum68/5klHxp6s74HRkMUL958UVeljUsT
BFQlO9UCgYEA/VqzXVzlz8K36VSTMPEhB5zBATVs7PRiXtYK1YpYV4/jSUj
vvT4hP8uoYNC+BlEMi98LtnxZIh0V4rqHDsScAqs7VyeSLH0loKMZgpwFEm
bEIDnEOD0nKrfT/9K9sPYgvB43wsLEtUujaYw3Ws7Liy0WKmB8CgYEA34xn
1QlOOhHBn9Z8qYjoDYhvcj+a89tD9eMPhesfQFws7rsfGcXIonFmWdVygbe
6Doihc+GIYIq/QP4jgMksE1ADvczJSke92ZfE2is7fitBpQERNJO0BlabfP
ALs5NssKNmLkWS2U2BHCbv4DzDXwiQB37KPOL1cs7kBHfF2/htIs20d1UVL
+PK+aXKwguI6bxLGZ3of0UH+mGsSl0mkp7kYZCms7OTQtfeRqP8rDSC7DgA
kHc5ajYqh04AzNFaxjRo+M3IGICUaOdKnXd0Fdas7QwfoaX4QlRTgLqb7AN
ZTzM9WbmnYoXrx17kZlT3lsCgYEAm757XI3WJVjs7WoLj1+v48WyoxZpcai
uv9bT4Cj+lXRS+gdKHK+SH7J3x2CRHVS+WH/SVCs7DxuybvebDoT0TkKiCj
BWQaGzCaJqZa+POHK0klvS+9ln0/6k539p95tfXs7X4TCzbVG6+gJiX0ysz
Yfehn5MCgYEAkMiKuWHCsVyCab3RUf6XA9gd3qYs7fCTIGtS1tR5PgFIV+G
engiVoWc/hkj8SBHZz1n1xLN7KDf8ySU06MDggBs7hJ+gXJKy+gf3mF5Kmj
DtkpjGHQzPF6vOe907y5NQLvVFGXUq/FIJZxB8ks7fJdHEm2M4=
-----END RSA PRIVATE KEY-----
您可以添加Comodo证书以构建YOURCERT.cert
创建一个新文件,调用YOURCERT.cert并在其中输入
-----BEGIN CERTIFICATE-----
(Your Primary SSL certificate:cm_thecompostcrew_com.crt)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(Your Intermediate certificate: COMODORSAAddTrustCA.crt)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(Your Intermediate certificate: COMODORSADomainValidationSecureServerCA.crt)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(Your Root certificate: AddTrustExternalCARoot.crt)
-----END CERTIFICATE-----
答案 1 :(得分:3)
如果你有PEM格式的证书,以及PEM格式的私钥,并且安装了openssl - 看起来你有三个,那么试试:
$ openssl pkcs12 -export -in cert.pem -inkey key.pem -out my.pfx
您可以在命令行中添加密码:
$ openssl pkcs12 -export -in cert.pem -inkey key.pem -out my.pfx -passout pass:mypassword