MAC OS自带了OpenSSL,直接在命令行里使用OPENSSL就可以。
打开命令行工具,然后输入 openssl打开openssl,接着只要三句命令就可以搞定。
kenMac:~ MyTestCert$openssl
2、OpenSSL后运行> genrsa -out rsa_private_key.pem 2048 // 第一句命令:生成私钥。接下来Terminal显示内容如下:
Generating RSA private key, 2048 bit long modulus
...............+++
..............................................+++
e is 65537 (0x10001)
3、OpenSSL后接着运行> pkcs8 -topk8 -inform PEM -in rsa_private_key.pem -outform PEM –nocrypt // 第二句命令:把RSA私钥转换成PKCS8格式。提示输入密码,密码为空(直接回车)就行;
Enter Encryption Password:
Verifying - Enter Encryption Password:
4、Terminal显示如下:
-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIE6TAbBgkqhkiG9w0BBQMwDgQIiQ4PFYMqa7ECAggABIIEyARDwR3lbjFQYGmy
ASuI2D8LJXOtQDf/BIfFFln6d9UgppOEWlKIrp1ms6BF0nP76mtBiOpsk5QjPhTK
U4snDLT/w/hTc2OBPe66poOtzlVPtKLacfTH1pMzHUWcVz4cmCI+SAMTRkdQ1EG+
UtmdlISxoHqFIuiP4GsuyItVLrqvYMEN+4rMkcO6HgKTInvAVogp05QzJCSOVKCX
6C9Jpgdy+la9rIqteueioYofmgFojZGQtuCh03BgFBD5cHjMWNZ9X9vmxq/ih0ib
NhUptlvwQeaA2OO0pDhOM613b8osGFxvhb14KjMCQdfaYAu9fYw2rFNbZG4Q6BBu
7j+iheHiUdqA/2K9IjTf8kcJGYbQvAlz8GdL/psosk7irBndHEOOZTLgY4xU6t71
Vxwyf9WHbTuuY+MZbzMdo02lKTcznpiT0wdEu+gD5juz5wTVKyZ2HIoT+47Vte6Z
J16X9X1jw3KlIwDl/vFTEBGS1lfn8kMxyuGbomEMlF+If8MXvtY3mfBO5FHSy271
YVRCemxygsUpnMRgRjBdeCAefO8e+vEI2Rh/goCwkq+QmtNnhxMMXdiSn/Sx2KiZ
vLu+uaXcdw07rFh8sCTt9AaCyHvlWP2iuBOuFn7gEJp7a4V7oigNgDEn+tyOZfqd
ZhGGNnG41WhWMoDDPmMTaj29PkKl9cf5SUBKZq5ukMIS8gBK1DIfro9G2dwjAhwC
bqL1VPihxKrG0y6+rVpBfbv3WK4f9fgZ4geiJhyJJK6222tYw7HSqgTC+TbColE8
ogPKEE67gltI4yRSlUJwaY6K6E+W1hk65/cy/sgatwIPvGbJDSmqtusUZr8D4Sxf
5ZXzVamzvP3+igmh5/4Ee813XLdHhU/8o+2kQNMcOiKU9LEC+yJYtS8694+jFJl5
wkBJxIw3xvXIvwz99ieZ+paB2gOqCvD4Wco2KEmEOynuAq3g81S+uALup89crKiZ
WFuAwiUxwXraObQgfordMFAw+xFld8bRciYoPW3u8zt1i7zg7vwF2A3nQQg4KOsP
16RghmZgX78VLXoWv03b6Dv1+KkTraji8Rn/rP7u1XOip6Yo2+rheXO1rvtEPECX
wwLbQZRlbyLsakWq/7kGPUz/OL45wgkLnDjedqVrmm9pwQYPx6gv2ZNqLoaeerlr
QaEVCTJ4i2eZhhXL9CyjhKrPjRk5tt2+aOEIDUa5tFkhpNmsljJZwYc56L1HLLVN
oHQ00BacJV1cGvNWsRPDzP63aTW703gT/YCboeA/IQYJyCkIuQo7aH7oB7Hd2mor
TsGzmlQjFFVplEmAxnPquQKF8unnzQEy6yLWgIxCORTdx2QIy7gR38wVpQjQL/4g
LA0p8yDckkbBHagedxYbu7N1zlC59auvuCUmq3oaIncjwBlbW5MAdcIqZ5Wr+WGI
UHHhVMJc166/5hjm5bU0SQFcOYZWlmB8YL1io4bLzxKc+4pTXyR6KmnIZINiSgNv
uC1xUlQqTo+grD98g3Xsf+9Tp6T/O8kKgZVzwH/nZPnwmSa6U/opbTvVCbuoEst7
Njw+vdizPUSS/60NB3YfbepIJf1EAiWXRaHybJjPsiGyVXRMrlCB8EkXDnG1R479
y2eiQ5Da28WIPfkEGg==
-----END ENCRYPTED PRIVATE KEY-----
5、OpenSSL后运行> rsa -in rsa_private_key.pem -pubout -out rsa_public_key.pem // 第三句命令生成公钥。
Terminal显示:
writing RSA key
最后附上截图。
生成的文件:
生成dsa文件的方法:
OpenSSL> dsaparam -out dsa_param.pem 1024 #生成参数文件
OpenSSL> gendsa -out dsa_private_key.pem dsa_param.pem #生成私钥
OpenSSL> pkcs8 -topk8 -inform PEM -in dsa_private_key.pem -outform PEM -nocrypt -out dsa_private_key_pkcs8.pem #Java开发者需要将私钥转换成PKCS8格式
OpenSSL> dsa -in dsa_private_key_pkcs8.pem -pubout -out dsa_public_key.pem #生成公钥
OpenSSL> exit #退出OpenSSL程序