當(dāng)前位置：首頁 > 编程资源 > 编程问答 >内容正文

编程问答

openssl的x509命令简单入门

發(fā)布時(shí)間：2023/12/16 编程问答 26 豆豆

生活随笔收集整理的這篇文章主要介紹了 openssl的x509命令简单入门小編覺得挺不錯(cuò)的,現(xiàn)在分享給大家,幫大家做個(gè)參考.

openssl的x509命令簡單入門

openssl是一個(gè)強(qiáng)大的開源工具包，它能夠完成完成各種和ssl有關(guān)的操作。

命令說明

openssl -help?會(huì)得到如下的提示：

openssl:Error: '-help' is an invalid command.Standard commands asn1parse ca ciphers cms crl crl2pkcs7 dgst dh dhparam dsa dsaparam ec ecparam enc engine errstr gendh gendsa genpkey genrsa nseq ocsp passwd pkcs12 pkcs7 pkcs8 pkey pkeyparam pkeyutl prime rand req rsa rsautl s_client s_server s_time sess_id smime speed spkac srp ts verify version x509 Message Digest commands (see the `dgst' command for more details) md4 md5 mdc2 rmd160 sha sha1 Cipher commands (see the `enc' command for more details) aes-128-cbc aes-128-ecb aes-192-cbc aes-192-ecb aes-256-cbc aes-256-ecb base64 bf bf-cbc bf-cfb bf-ecb bf-ofb camellia-128-cbc camellia-128-ecb camellia-192-cbc camellia-192-ecb camellia-256-cbc camellia-256-ecb cast cast-cbc cast5-cbc cast5-cfb cast5-ecb cast5-ofb des des-cbc des-cfb des-ecb des-ede des-ede-cbc des-ede-cfb des-ede-ofb des-ede3 des-ede3-cbc des-ede3-cfb des-ede3-ofb des-ofb des3 desx idea idea-cbc idea-cfb idea-ecb idea-ofb rc2 rc2-40-cbc rc2-64-cbc rc2-cbc rc2-cfb rc2-ecb rc2-ofb rc4 rc4-40 seed seed-cbc seed-cfb seed-ecb seed-ofb zlib

通過上面的參數(shù)可以發(fā)現(xiàn)openssl為為我們提供了大量的參數(shù)，每一個(gè)參數(shù)下面又有其對(duì)應(yīng)的子參數(shù)，今天，我就熟悉一下x509參數(shù)。

通過openssl x509 -help參數(shù)可以得到x509下面的所有子參數(shù)。x509的子參數(shù)非常多。大概有50多條。

-inform arg - input format - default PEM (one of DER, NET or PEM) -outform arg - output format - default PEM (one of DER, NET or PEM) -keyform arg - private key format - default PEM -CAform arg - CA format - default PEM -CAkeyform arg - CA key format - default PEM -in arg - input file - default stdin -out arg - output file - default stdout -passin arg - private key password source -serial - print serial number value -subject_hash - print subject hash value -subject_hash_old - print old-style (MD5) subject hash value -issuer_hash - print issuer hash value -issuer_hash_old - print old-style (MD5) issuer hash value -hash - synonym for -subject_hash -subject - print subject DN -issuer - print issuer DN -email - print email address(es) -startdate - notBefore field -enddate - notAfter field -purpose - print out certificate purposes -dates - both Before and After dates -modulus - print the RSA key modulus -pubkey - output the public key -fingerprint - print the certificate fingerprint -alias - output certificate alias -noout - no certificate output -ocspid - print OCSP hash values for the subject name and public key -ocsp_uri - print OCSP Responder URL(s) -trustout - output a "trusted" certificate -clrtrust - clear all trusted purposes -clrreject - clear all rejected purposes -addtrust arg - trust certificate for a given purpose -addreject arg - reject certificate for a given purpose -setalias arg - set certificate alias -days arg - How long till expiry of a signed certificate - def 30 days -checkend arg - check whether the cert expires in the next arg seconds exit 1 if so, 0 if not-signkey arg - self sign cert with arg -x509toreq - output a certification request object -req - input is a certificate request, sign and output. -CA arg - set the CA certificate, must be PEM format. -CAkey arg - set the CA key, must be PEM format missing, it is assumed to be in the CA file.-CAcreateserial - create serial number file if it does not exist -CAserial arg - serial file -set_serial - serial number to use -text - print the certificate in text form -C - print out C code forms -md2/-md5/-sha1/-mdc2 - digest to use -extfile - configuration file with X509V3 extensions to add -extensions - section from config file with X509V3 extensions to add -clrext - delete extensions before signing and input certificate -nameopt arg - various certificate name options -engine e - use engine e, possibly a hardware device. -certopt arg - various certificate text options -checkhost host - check certificate matches "host" -checkemail email - check certificate matches "email" -checkip ipaddr - check certificate matches "ipaddr"

inform和outform命令后面可選的參數(shù)有三個(gè)：PEM、DER、PEM。默認(rèn)是PEM。用于控制輸入和輸出的文件類型。

keyform：用于設(shè)置私鑰的格式，默認(rèn)格式是PEM。

CAform：用于設(shè)置CA的格式，默認(rèn)格式是PEM。

CAkeyform：用于設(shè)置CA的公鑰的格式，默認(rèn)格式是PEM。

in：指定輸入文件，默認(rèn)是標(biāo)準(zhǔn)輸入。

out：指定輸出文件，默認(rèn)是標(biāo)準(zhǔn)輸出。

passin：指定私鑰密碼的來源。

seria：顯示序列號(hào)。

subject_hash：顯示項(xiàng)目的hash值。

subject_hash_old：用md5方式顯示項(xiàng)目的hash值

issuer_hash：顯示簽發(fā)者的hash

issuer_hash_old：使用md5方式顯示項(xiàng)目的hash值

hash：和subject_hash命令一樣

subject：打印項(xiàng)目的DN

issuer：打印簽發(fā)者的DN

email：打印email地址

startdate：打印開始日期

enddate：打印結(jié)束日期

purpose：打印證書的用途

dates：打印開始日期和結(jié)束日期

modulus：打印RSA的系數(shù)

public：輸出公鑰

fingerprint：輸出證書的指紋

alias：輸出證書的別名

noout：沒證書輸出

ocspid：輸出OCSP的項(xiàng)目名和公鑰的hash值

ocsp_uri：輸出OCSP響應(yīng)者的URL

trustout ：輸出一個(gè)受信的證書

clrtrust：清除所有受信的目的

clrreject：清除所有拒絕的目的

addtrust：為一個(gè)給定的目的信任證書

addreject：為一個(gè)給定的目的拒絕證書

setalias：設(shè)置證書的別名

days: 設(shè)置證書的有效期時(shí)間，默認(rèn)30天

checkend：檢測證書是否在arg秒后過期

signkey：用arg自簽名證書

x509toreq：輸出一個(gè)證書請(qǐng)求

req：輸入是一個(gè)證書請(qǐng)求，簽名和輸出

CA：設(shè)置CA證書，必須是PEM格式的

CAkey：設(shè)置CA的key，必須是PEM格式

CAcreateserial：如果序列號(hào)不存在時(shí)創(chuàng)建序列號(hào)

CAserial：連續(xù)文件

set_serial：使用序列號(hào)

text：以文本格式輸出證書

C：輸出C 代碼格式

md2/md5/sha1/mdc2：摘要

extfile：使用X509V3擴(kuò)展的配置文件

extensions：使用X509V3擴(kuò)展的配置文件的部分

clrext：在簽名和輸入證書之前刪除擴(kuò)展

nameopt ：多樣的證書名稱選擇

engine：使用引擎，可能是一個(gè)硬件設(shè)備

certopt：多樣的證書文本選擇

checkhost：通過host驗(yàn)證證書

checkmail：通過email驗(yàn)證證書

checkip：通過ip驗(yàn)證證書

上面這么多很多事對(duì)英文的翻譯，可能有些部分翻譯不準(zhǔn)確。

下面是對(duì)這些參數(shù)的一些使用例子。

參數(shù)使用

我準(zhǔn)備了一張百度的證書：

in

在命令行輸入?openssl x509 -in baidu.pem?，得到的效果如下圖：

顯示的就是證書的PEM格式內(nèi)容。

noout

在命令行中輸入openssl x509 -in baidu.pem -noout?界面上沒有任何輸出。

serial

在命令行中輸入?openssl x509 -in baidu.pem -noout -serial，界面上會(huì)輸出這張證書的序列號(hào)：

subject_hash

在命令行中輸入openssl x509 -in baidu.pem -noout -subject_hash，界面上會(huì)輸出這張證書的主題的hash值：

subject_hash_old

在命令行中輸入openssl x509 -in baidu.pem -noout -subject_hash_old，界面上會(huì)輸出這張證書的主題的md5值：

issuer_hash

在命令行中輸入openssl x509 -in baidu.pem -noout -issuer_hash，界面上會(huì)顯示出這張證書的簽發(fā)者的hash值：

issuer_hash_old

在命令行中輸入openssl x509 -in baidu.pem -noout -issuer_hash_old，界面上會(huì)顯示出這張證書的簽發(fā)者的md5值：

hash

在命令行中輸入openssl x509 -in baidu.pem -noout -hash，界面上會(huì)出現(xiàn)這張證書的主題的hash值：

我們可以發(fā)現(xiàn)使用-hash的結(jié)果和使用-subject_hash的結(jié)果是一樣的。

subject

在命令行中輸入openssl x509 -in baidu.pem -noout -subject，界面上會(huì)出現(xiàn)這張證書的主題的主題內(nèi)容：

issuer

在命令行中輸入openssl x509 -in baidu.pem -noout -issuer，界面上會(huì)出現(xiàn)這張證書的簽發(fā)者的內(nèi)容：

email

在命令行中輸入openssl x509 -in baidu.pem -noout -email，如果這張證書有填寫email的話會(huì)顯示出email信息，如果沒有就不顯示。百度這張證書沒有提供email。因此，并沒有任何顯示

startdate

在命令行中輸入openssl x509 -in baidu.pem -noout -startdate，界面上會(huì)顯示出這張證書起始時(shí)間：

enddate

在命令行中輸入openssl x509 -in baidu.pem -noout -enddate，界面上會(huì)顯示出這張證書的結(jié)束時(shí)間：

purpose

在命令行中輸入openssl x509 -in baidu.pem -noout -purpose，界面上會(huì)出現(xiàn)這張證書的用途：

dates

在命令行中輸入openssl x509 -in baidu.pem -noout -dates?，界面上會(huì)顯示證書的有效期：

modulus

在命令行中輸入openssl x509 -in baidu.pem -noout -modulus,界面會(huì)顯示證書的RSA的公共秘鑰：

pubkey

在命令行中輸入openssl x509 -in baidu.pem -noout -pubkey?，界面會(huì)顯示證書的公鑰信息：

fingerprint

在命令行中輸入openssl x509 -in baidu.pem -noout -fingerprint，界面會(huì)顯示證書的指紋信息：

alias

在命令行中輸入openssl x509 -in baidu.pem -noout -alias，界面會(huì)顯示出證書的別名，如果沒有別名，則會(huì)顯示\

ocspid

在命令行中輸入openssl x509 -in baidu.pem -noout -ocspid，如果證書中有ocspid的信息，顯示，沒有則不顯示。

ocsp_uri

在命令行中輸入?openssl x509 -in baidu.pem -noout -ocsp_uri，界面會(huì)顯示ocsp的url地址：

test

在命令行中輸入openssl x509 -in baidu.pem -noout -text,界面會(huì)顯示已文本形式的證書信息：

Certificate:Data:Version: 3 (0x2)Serial Number:76:29:aa:20:fa:8a:8e:76:24:a2:19:36:f4:ad:1a:aaSignature Algorithm: sha1WithRSAEncryptionIssuer: C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 International Server CA - G3ValidityNot Before: Sep 17 00:00:00 2015 GMTNot After : Aug 31 23:59:59 2016 GMTSubject: C=CN, ST=Beijing, L=Beijing, O=Beijing Baidu Netcom Science Technology Co., Ltd., OU=service operation department, CN=baidu.comSubject Public Key Info:Public Key Algorithm: rsaEncryptionPublic-Key: (2048 bit)Modulus:00:a8:72:cf:eb:76:51:bb:01:1e:16:51:1c:0e:64:5b:26:59:f5:5b:82:20:16:3e:77:78:62:c0:e2:f6:53:1e:09:2d:62:b4:27:07:3a:5d:9b:9a:3c:04:2f:69:0b:1e:64:99:a6:f0:e6:d8:6c:82:7e:0a:00:72:c1:8c:27:9e:f2:b2:6b:6c:06:65:50:a0:b3:0d:2a:fa:df:fb:ac:f4:32:61:ac:a7:59:3b:2c:82:18:c0:fb:d7:00:0e:d8:08:7e:53:1e:df:b0:a4:eb:ee:30:28:27:eb:c5:dd:82:c5:20:73:2e:5e:40:51:ed:e6:27:72:ea:c0:24:9a:5d:c2:f8:1b:b0:61:25:be:5e:2f:bb:1c:11:d6:a0:d1:f0:30:07:c5:28:4a:5a:4c:24:23:b2:40:68:74:3b:ed:93:d7:87:12:26:c4:01:0f:0a:09:68:74:1c:5d:18:a9:b2:6b:d7:4e:b2:ec:36:0b:92:b8:c6:b6:9e:ca:4e:59:bd:26:79:d2:95:e1:69:2d:e8:4a:ac:2c:44:d1:c6:33:ab:7e:6f:d9:2a:72:e0:3b:64:cb:ab:1b:d3:05:db:c6:76:8a:ee:6b:14:2a:ef:59:48:2a:3d:0b:93:dd:6e:72:2e:a3:eb:d0:3b:89:0d:8a:92:55:dd:02:89:c4:93:2e:cf:ce:afExponent: 65537 (0x10001)X509v3 extensions:X509v3 Subject Alternative Name: DNS:*.baidu.com, DNS:*.nuomi.com, DNS:*.hao123.com, DNS:*.bdstatic.com, DNS:www.baidu.com.cn, DNS:www.baidu.cn, DNS:sapi.map.baidu.com, DNS:loc.map.baidu.com, DNS:log.hm.baidu.com, DNS:baidu.com, DNS:api.map.baidu.com, DNS:console.bce.baidu.com, DNS:login.bce.baidu.comX509v3 Basic Constraints: CA:FALSEX509v3 Key Usage: criticalDigital Signature, Key EnciphermentX509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication, Netscape Server Gated CryptoX509v3 Certificate Policies: Policy: 2.23.140.1.2.2CPS: https://d.symcb.com/cpsUser Notice:Explicit Text: https://d.symcb.com/rpaX509v3 Authority Key Identifier: keyid:D7:9B:7C:D8:22:A0:15:F7:DD:AD:5F:CE:29:9B:58:C3:BC:46:00:B5X509v3 CRL Distribution Points: Full Name:URI:http://se.symcb.com/se.crlAuthority Information Access: OCSP - URI:http://se.symcd.comCA Issuers - URI:http://se.symcb.com/se.crtSignature Algorithm: sha1WithRSAEncryption2c:f7:8a:6d:8a:0e:9e:d2:1e:ef:30:a7:ff:e5:6f:d1:0e:0b:c7:58:d3:3a:b1:46:c4:53:67:4c:bc:44:f9:ca:aa:a6:f3:cd:00:e4:5f:15:96:bc:2a:cc:b9:eb:cc:ce:a0:c7:d6:07:04:06:94:10:ab:6a:b7:d1:d2:7b:a7:31:a3:76:80:bc:d3:51:7c:3a:a0:6d:04:2c:4c:0c:8e:83:c1:17:42:30:2f:c1:07:16:22:c4:15:ee:2b:da:9f:30:0b:d7:47:5d:50:36:75:a7:62:cf:da:13:05:2d:39:88:b3:ab:4e:b3:98:e4:68:3b:0e:43:2f:b1:4b:32:9a:c3:23:85:4e:bc:0f:7c:36:ce:8e:a8:b3:99:4e:66:5f:a2:a2:11:90:3f:6f:bb:fa:60:9a:45:0d:01:43:67:c0:b0:c0:1c:48:83:cd:35:f6:b0:11:f8:bc:20:4f:8d:b5:75:9f:36:27:12:90:af:af:c1:60:b7:e8:1b:d8:73:95:3b:f9:9e:9b:5b:64:5e:e6:df:e9:2d:56:b4:e6:8f:b9:ab:fe:aa:43:6c:7c:be:e3:6a:5a:8b:1a:e0:6a:4b:17:72:2d:16:d8:4b:f1:83:cd:a2:dd:32:e1:44:28:42:c5:dd:13:a4:51:a8:bf:fe:30:da:93:36:c5:1e:76:e0:c6:cd

C

在控制臺(tái)中輸入openssl x509 -in baidu.pem -noout -C，界面上會(huì)以C代碼的形式展示出證書的信息：

/* subject:/C=CN/ST=Beijing/L=Beijing/O=Beijing Baidu Netcom Science Technology Co., Ltd./OU=service operation department/CN=baidu.com */ /* issuer :/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 International Server CA - G3 */ unsigned char XXX_subject_name[171]={ 0x30,0x81,0xA8,0x31,0x0B,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x43,0x4E, 0x31,0x10,0x30,0x0E,0x06,0x03,0x55,0x04,0x08,0x13,0x07,0x42,0x65,0x69,0x6A,0x69, 0x6E,0x67,0x31,0x10,0x30,0x0E,0x06,0x03,0x55,0x04,0x07,0x14,0x07,0x42,0x65,0x69, 0x6A,0x69,0x6E,0x67,0x31,0x3A,0x30,0x38,0x06,0x03,0x55,0x04,0x0A,0x14,0x31,0x42, 0x65,0x69,0x6A,0x69,0x6E,0x67,0x20,0x42,0x61,0x69,0x64,0x75,0x20,0x4E,0x65,0x74, 0x63,0x6F,0x6D,0x20,0x53,0x63,0x69,0x65,0x6E,0x63,0x65,0x20,0x54,0x65,0x63,0x68, 0x6E,0x6F,0x6C,0x6F,0x67,0x79,0x20,0x43,0x6F,0x2E,0x2C,0x20,0x4C,0x74,0x64,0x2E, 0x31,0x25,0x30,0x23,0x06,0x03,0x55,0x04,0x0B,0x14,0x1C,0x73,0x65,0x72,0x76,0x69, 0x63,0x65,0x20,0x6F,0x70,0x65,0x72,0x61,0x74,0x69,0x6F,0x6E,0x20,0x64,0x65,0x70, 0x61,0x72,0x74,0x6D,0x65,0x6E,0x74,0x31,0x12,0x30,0x10,0x06,0x03,0x55,0x04,0x03, 0x14,0x09,0x62,0x61,0x69,0x64,0x75,0x2E,0x63,0x6F,0x6D, }; unsigned char XXX_public_key[294]={ 0x30,0x82,0x01,0x22,0x30,0x0D,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01, 0x01,0x05,0x00,0x03,0x82,0x01,0x0F,0x00,0x30,0x82,0x01,0x0A,0x02,0x82,0x01,0x01, 0x00,0xA8,0x72,0xCF,0xEB,0x76,0x51,0xBB,0x01,0x1E,0x16,0x51,0x1C,0x0E,0x64,0x5B, 0x26,0x59,0xF5,0x5B,0x82,0x20,0x16,0x3E,0x77,0x78,0x62,0xC0,0xE2,0xF6,0x53,0x1E, 0x09,0x2D,0x62,0xB4,0x27,0x07,0x3A,0x5D,0x9B,0x9A,0x3C,0x04,0x2F,0x69,0x0B,0x1E, 0x64,0x99,0xA6,0xF0,0xE6,0xD8,0x6C,0x82,0x7E,0x0A,0x00,0x72,0xC1,0x8C,0x27,0x9E, 0xF2,0xB2,0x6B,0x6C,0x06,0x65,0x50,0xA0,0xB3,0x0D,0x2A,0xFA,0xDF,0xFB,0xAC,0xF4, 0x32,0x61,0xAC,0xA7,0x59,0x3B,0x2C,0x82,0x18,0xC0,0xFB,0xD7,0x00,0x0E,0xD8,0x08, 0x7E,0x53,0x1E,0xDF,0xB0,0xA4,0xEB,0xEE,0x30,0x28,0x27,0xEB,0xC5,0xDD,0x82,0xC5, 0x20,0x73,0x2E,0x5E,0x40,0x51,0xED,0xE6,0x27,0x72,0xEA,0xC0,0x24,0x9A,0x5D,0xC2, 0xF8,0x1B,0xB0,0x61,0x25,0xBE,0x5E,0x2F,0xBB,0x1C,0x11,0xD6,0xA0,0xD1,0xF0,0x30, 0x07,0xC5,0x28,0x4A,0x5A,0x4C,0x24,0x23,0xB2,0x40,0x68,0x74,0x3B,0xED,0x93,0xD7, 0x87,0x12,0x26,0xC4,0x01,0x0F,0x0A,0x09,0x68,0x74,0x1C,0x5D,0x18,0xA9,0xB2,0x6B, 0xD7,0x4E,0xB2,0xEC,0x36,0x0B,0x92,0xB8,0xC6,0xB6,0x9E,0xCA,0x4E,0x59,0xBD,0x26, 0x79,0xD2,0x95,0xE1,0x69,0x2D,0xE8,0x4A,0xAC,0x2C,0x44,0xD1,0xC6,0x33,0xAB,0x7E, 0x6F,0xD9,0x2A,0x72,0xE0,0x3B,0x64,0xCB,0xAB,0x1B,0xD3,0x05,0xDB,0xC6,0x76,0x8A, 0xEE,0x6B,0x14,0x2A,0xEF,0x59,0x48,0x2A,0x3D,0x0B,0x93,0xDD,0x6E,0x72,0x2E,0xA3, 0xEB,0xD0,0x3B,0x89,0x0D,0x8A,0x92,0x55,0xDD,0x02,0x89,0xC4,0x93,0x2E,0xCF,0xCE, 0xAF,0x02,0x03,0x01,0x00,0x01, }; unsigned char XXX_certificate[1586]={ 0x30,0x82,0x06,0x2E,0x30,0x82,0x05,0x16,0xA0,0x03,0x02,0x01,0x02,0x02,0x10,0x76, 0x29,0xAA,0x20,0xFA,0x8A,0x8E,0x76,0x24,0xA2,0x19,0x36,0xF4,0xAD,0x1A,0xAA,0x30, 0x0D,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05,0x05,0x00,0x30,0x81, 0xBC,0x31,0x0B,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x55,0x53,0x31,0x17, 0x30,0x15,0x06,0x03,0x55,0x04,0x0A,0x13,0x0E,0x56,0x65,0x72,0x69,0x53,0x69,0x67, 0x6E,0x2C,0x20,0x49,0x6E,0x63,0x2E,0x31,0x1F,0x30,0x1D,0x06,0x03,0x55,0x04,0x0B, 0x13,0x16,0x56,0x65,0x72,0x69,0x53,0x69,0x67,0x6E,0x20,0x54,0x72,0x75,0x73,0x74, 0x20,0x4E,0x65,0x74,0x77,0x6F,0x72,0x6B,0x31,0x3B,0x30,0x39,0x06,0x03,0x55,0x04, 0x0B,0x13,0x32,0x54,0x65,0x72,0x6D,0x73,0x20,0x6F,0x66,0x20,0x75,0x73,0x65,0x20, 0x61,0x74,0x20,0x68,0x74,0x74,0x70,0x73,0x3A,0x2F,0x2F,0x77,0x77,0x77,0x2E,0x76, 0x65,0x72,0x69,0x73,0x69,0x67,0x6E,0x2E,0x63,0x6F,0x6D,0x2F,0x72,0x70,0x61,0x20, 0x28,0x63,0x29,0x31,0x30,0x31,0x36,0x30,0x34,0x06,0x03,0x55,0x04,0x03,0x13,0x2D, 0x56,0x65,0x72,0x69,0x53,0x69,0x67,0x6E,0x20,0x43,0x6C,0x61,0x73,0x73,0x20,0x33, 0x20,0x49,0x6E,0x74,0x65,0x72,0x6E,0x61,0x74,0x69,0x6F,0x6E,0x61,0x6C,0x20,0x53, 0x65,0x72,0x76,0x65,0x72,0x20,0x43,0x41,0x20,0x2D,0x20,0x47,0x33,0x30,0x1E,0x17, 0x0D,0x31,0x35,0x30,0x39,0x31,0x37,0x30,0x30,0x30,0x30,0x30,0x30,0x5A,0x17,0x0D, 0x31,0x36,0x30,0x38,0x33,0x31,0x32,0x33,0x35,0x39,0x35,0x39,0x5A,0x30,0x81,0xA8, 0x31,0x0B,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x43,0x4E,0x31,0x10,0x30, 0x0E,0x06,0x03,0x55,0x04,0x08,0x13,0x07,0x42,0x65,0x69,0x6A,0x69,0x6E,0x67,0x31, 0x10,0x30,0x0E,0x06,0x03,0x55,0x04,0x07,0x14,0x07,0x42,0x65,0x69,0x6A,0x69,0x6E, 0x67,0x31,0x3A,0x30,0x38,0x06,0x03,0x55,0x04,0x0A,0x14,0x31,0x42,0x65,0x69,0x6A, 0x69,0x6E,0x67,0x20,0x42,0x61,0x69,0x64,0x75,0x20,0x4E,0x65,0x74,0x63,0x6F,0x6D, 0x20,0x53,0x63,0x69,0x65,0x6E,0x63,0x65,0x20,0x54,0x65,0x63,0x68,0x6E,0x6F,0x6C, 0x6F,0x67,0x79,0x20,0x43,0x6F,0x2E,0x2C,0x20,0x4C,0x74,0x64,0x2E,0x31,0x25,0x30, 0x23,0x06,0x03,0x55,0x04,0x0B,0x14,0x1C,0x73,0x65,0x72,0x76,0x69,0x63,0x65,0x20, 0x6F,0x70,0x65,0x72,0x61,0x74,0x69,0x6F,0x6E,0x20,0x64,0x65,0x70,0x61,0x72,0x74, 0x6D,0x65,0x6E,0x74,0x31,0x12,0x30,0x10,0x06,0x03,0x55,0x04,0x03,0x14,0x09,0x62, 0x61,0x69,0x64,0x75,0x2E,0x63,0x6F,0x6D,0x30,0x82,0x01,0x22,0x30,0x0D,0x06,0x09, 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x01,0x05,0x00,0x03,0x82,0x01,0x0F,0x00, 0x30,0x82,0x01,0x0A,0x02,0x82,0x01,0x01,0x00,0xA8,0x72,0xCF,0xEB,0x76,0x51,0xBB, 0x01,0x1E,0x16,0x51,0x1C,0x0E,0x64,0x5B,0x26,0x59,0xF5,0x5B,0x82,0x20,0x16,0x3E, 0x77,0x78,0x62,0xC0,0xE2,0xF6,0x53,0x1E,0x09,0x2D,0x62,0xB4,0x27,0x07,0x3A,0x5D, 0x9B,0x9A,0x3C,0x04,0x2F,0x69,0x0B,0x1E,0x64,0x99,0xA6,0xF0,0xE6,0xD8,0x6C,0x82, 0x7E,0x0A,0x00,0x72,0xC1,0x8C,0x27,0x9E,0xF2,0xB2,0x6B,0x6C,0x06,0x65,0x50,0xA0, 0xB3,0x0D,0x2A,0xFA,0xDF,0xFB,0xAC,0xF4,0x32,0x61,0xAC,0xA7,0x59,0x3B,0x2C,0x82, 0x18,0xC0,0xFB,0xD7,0x00,0x0E,0xD8,0x08,0x7E,0x53,0x1E,0xDF,0xB0,0xA4,0xEB,0xEE, 0x30,0x28,0x27,0xEB,0xC5,0xDD,0x82,0xC5,0x20,0x73,0x2E,0x5E,0x40,0x51,0xED,0xE6, 0x27,0x72,0xEA,0xC0,0x24,0x9A,0x5D,0xC2,0xF8,0x1B,0xB0,0x61,0x25,0xBE,0x5E,0x2F, 0xBB,0x1C,0x11,0xD6,0xA0,0xD1,0xF0,0x30,0x07,0xC5,0x28,0x4A,0x5A,0x4C,0x24,0x23, 0xB2,0x40,0x68,0x74,0x3B,0xED,0x93,0xD7,0x87,0x12,0x26,0xC4,0x01,0x0F,0x0A,0x09, 0x68,0x74,0x1C,0x5D,0x18,0xA9,0xB2,0x6B,0xD7,0x4E,0xB2,0xEC,0x36,0x0B,0x92,0xB8, 0xC6,0xB6,0x9E,0xCA,0x4E,0x59,0xBD,0x26,0x79,0xD2,0x95,0xE1,0x69,0x2D,0xE8,0x4A, 0xAC,0x2C,0x44,0xD1,0xC6,0x33,0xAB,0x7E,0x6F,0xD9,0x2A,0x72,0xE0,0x3B,0x64,0xCB, 0xAB,0x1B,0xD3,0x05,0xDB,0xC6,0x76,0x8A,0xEE,0x6B,0x14,0x2A,0xEF,0x59,0x48,0x2A, 0x3D,0x0B,0x93,0xDD,0x6E,0x72,0x2E,0xA3,0xEB,0xD0,0x3B,0x89,0x0D,0x8A,0x92,0x55, 0xDD,0x02,0x89,0xC4,0x93,0x2E,0xCF,0xCE,0xAF,0x02,0x03,0x01,0x00,0x01,0xA3,0x82, 0x02,0x3C,0x30,0x82,0x02,0x38,0x30,0x81,0xE6,0x06,0x03,0x55,0x1D,0x11,0x04,0x81, 0xDE,0x30,0x81,0xDB,0x82,0x0B,0x2A,0x2E,0x62,0x61,0x69,0x64,0x75,0x2E,0x63,0x6F, 0x6D,0x82,0x0B,0x2A,0x2E,0x6E,0x75,0x6F,0x6D,0x69,0x2E,0x63,0x6F,0x6D,0x82,0x0C, 0x2A,0x2E,0x68,0x61,0x6F,0x31,0x32,0x33,0x2E,0x63,0x6F,0x6D,0x82,0x0E,0x2A,0x2E, 0x62,0x64,0x73,0x74,0x61,0x74,0x69,0x63,0x2E,0x63,0x6F,0x6D,0x82,0x10,0x77,0x77, 0x77,0x2E,0x62,0x61,0x69,0x64,0x75,0x2E,0x63,0x6F,0x6D,0x2E,0x63,0x6E,0x82,0x0C, 0x77,0x77,0x77,0x2E,0x62,0x61,0x69,0x64,0x75,0x2E,0x63,0x6E,0x82,0x12,0x73,0x61, 0x70,0x69,0x2E,0x6D,0x61,0x70,0x2E,0x62,0x61,0x69,0x64,0x75,0x2E,0x63,0x6F,0x6D, 0x82,0x11,0x6C,0x6F,0x63,0x2E,0x6D,0x61,0x70,0x2E,0x62,0x61,0x69,0x64,0x75,0x2E, 0x63,0x6F,0x6D,0x82,0x10,0x6C,0x6F,0x67,0x2E,0x68,0x6D,0x2E,0x62,0x61,0x69,0x64, 0x75,0x2E,0x63,0x6F,0x6D,0x82,0x09,0x62,0x61,0x69,0x64,0x75,0x2E,0x63,0x6F,0x6D, 0x82,0x11,0x61,0x70,0x69,0x2E,0x6D,0x61,0x70,0x2E,0x62,0x61,0x69,0x64,0x75,0x2E, 0x63,0x6F,0x6D,0x82,0x15,0x63,0x6F,0x6E,0x73,0x6F,0x6C,0x65,0x2E,0x62,0x63,0x65, 0x2E,0x62,0x61,0x69,0x64,0x75,0x2E,0x63,0x6F,0x6D,0x82,0x13,0x6C,0x6F,0x67,0x69, 0x6E,0x2E,0x62,0x63,0x65,0x2E,0x62,0x61,0x69,0x64,0x75,0x2E,0x63,0x6F,0x6D,0x30, 0x09,0x06,0x03,0x55,0x1D,0x13,0x04,0x02,0x30,0x00,0x30,0x0E,0x06,0x03,0x55,0x1D, 0x0F,0x01,0x01,0xFF,0x04,0x04,0x03,0x02,0x05,0xA0,0x30,0x28,0x06,0x03,0x55,0x1D, 0x25,0x04,0x21,0x30,0x1F,0x06,0x08,0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x01,0x06, 0x08,0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x02,0x06,0x09,0x60,0x86,0x48,0x01,0x86, 0xF8,0x42,0x04,0x01,0x30,0x61,0x06,0x03,0x55,0x1D,0x20,0x04,0x5A,0x30,0x58,0x30, 0x56,0x06,0x06,0x67,0x81,0x0C,0x01,0x02,0x02,0x30,0x4C,0x30,0x23,0x06,0x08,0x2B, 0x06,0x01,0x05,0x05,0x07,0x02,0x01,0x16,0x17,0x68,0x74,0x74,0x70,0x73,0x3A,0x2F, 0x2F,0x64,0x2E,0x73,0x79,0x6D,0x63,0x62,0x2E,0x63,0x6F,0x6D,0x2F,0x63,0x70,0x73, 0x30,0x25,0x06,0x08,0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x02,0x30,0x19,0x1A,0x17, 0x68,0x74,0x74,0x70,0x73,0x3A,0x2F,0x2F,0x64,0x2E,0x73,0x79,0x6D,0x63,0x62,0x2E, 0x63,0x6F,0x6D,0x2F,0x72,0x70,0x61,0x30,0x1F,0x06,0x03,0x55,0x1D,0x23,0x04,0x18, 0x30,0x16,0x80,0x14,0xD7,0x9B,0x7C,0xD8,0x22,0xA0,0x15,0xF7,0xDD,0xAD,0x5F,0xCE, 0x29,0x9B,0x58,0xC3,0xBC,0x46,0x00,0xB5,0x30,0x2B,0x06,0x03,0x55,0x1D,0x1F,0x04, 0x24,0x30,0x22,0x30,0x20,0xA0,0x1E,0xA0,0x1C,0x86,0x1A,0x68,0x74,0x74,0x70,0x3A, 0x2F,0x2F,0x73,0x65,0x2E,0x73,0x79,0x6D,0x63,0x62,0x2E,0x63,0x6F,0x6D,0x2F,0x73, 0x65,0x2E,0x63,0x72,0x6C,0x30,0x57,0x06,0x08,0x2B,0x06,0x01,0x05,0x05,0x07,0x01, 0x01,0x04,0x4B,0x30,0x49,0x30,0x1F,0x06,0x08,0x2B,0x06,0x01,0x05,0x05,0x07,0x30, 0x01,0x86,0x13,0x68,0x74,0x74,0x70,0x3A,0x2F,0x2F,0x73,0x65,0x2E,0x73,0x79,0x6D, 0x63,0x64,0x2E,0x63,0x6F,0x6D,0x30,0x26,0x06,0x08,0x2B,0x06,0x01,0x05,0x05,0x07, 0x30,0x02,0x86,0x1A,0x68,0x74,0x74,0x70,0x3A,0x2F,0x2F,0x73,0x65,0x2E,0x73,0x79, 0x6D,0x63,0x62,0x2E,0x63,0x6F,0x6D,0x2F,0x73,0x65,0x2E,0x63,0x72,0x74,0x30,0x0D, 0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05,0x05,0x00,0x03,0x82,0x01, 0x01,0x00,0x2C,0xF7,0x8A,0x6D,0x8A,0x0E,0x9E,0xD2,0x1E,0xEF,0x30,0xA7,0xFF,0xE5, 0x6F,0xD1,0x0E,0x0B,0xC7,0x58,0xD3,0x3A,0xB1,0x46,0xC4,0x53,0x67,0x4C,0xBC,0x44, 0xF9,0xCA,0xAA,0xA6,0xF3,0xCD,0x00,0xE4,0x5F,0x15,0x96,0xBC,0x2A,0xCC,0xB9,0xEB, 0xCC,0xCE,0xA0,0xC7,0xD6,0x07,0x04,0x06,0x94,0x10,0xAB,0x6A,0xB7,0xD1,0xD2,0x7B, 0xA7,0x31,0xA3,0x76,0x80,0xBC,0xD3,0x51,0x7C,0x3A,0xA0,0x6D,0x04,0x2C,0x4C,0x0C, 0x8E,0x83,0xC1,0x17,0x42,0x30,0x2F,0xC1,0x07,0x16,0x22,0xC4,0x15,0xEE,0x2B,0xDA, 0x9F,0x30,0x0B,0xD7,0x47,0x5D,0x50,0x36,0x75,0xA7,0x62,0xCF,0xDA,0x13,0x05,0x2D, 0x39,0x88,0xB3,0xAB,0x4E,0xB3,0x98,0xE4,0x68,0x3B,0x0E,0x43,0x2F,0xB1,0x4B,0x32, 0x9A,0xC3,0x23,0x85,0x4E,0xBC,0x0F,0x7C,0x36,0xCE,0x8E,0xA8,0xB3,0x99,0x4E,0x66, 0x5F,0xA2,0xA2,0x11,0x90,0x3F,0x6F,0xBB,0xFA,0x60,0x9A,0x45,0x0D,0x01,0x43,0x67, 0xC0,0xB0,0xC0,0x1C,0x48,0x83,0xCD,0x35,0xF6,0xB0,0x11,0xF8,0xBC,0x20,0x4F,0x8D, 0xB5,0x75,0x9F,0x36,0x27,0x12,0x90,0xAF,0xAF,0xC1,0x60,0xB7,0xE8,0x1B,0xD8,0x73, 0x95,0x3B,0xF9,0x9E,0x9B,0x5B,0x64,0x5E,0xE6,0xDF,0xE9,0x2D,0x56,0xB4,0xE6,0x8F, 0xB9,0xAB,0xFE,0xAA,0x43,0x6C,0x7C,0xBE,0xE3,0x6A,0x5A,0x8B,0x1A,0xE0,0x6A,0x4B, 0x17,0x72,0x2D,0x16,0xD8,0x4B,0xF1,0x83,0xCD,0xA2,0xDD,0x32,0xE1,0x44,0x28,0x42, 0xC5,0xDD,0x13,0xA4,0x51,0xA8,0xBF,0xFE,0x30,0xDA,0x93,0x36,0xC5,0x1E,0x76,0xE0, 0xC6,0xCD, };

checkXXX

checkhost 驗(yàn)證域名是否在證書信息中，checkemail驗(yàn)證email是否在證書信息中，checkup 驗(yàn)證輸入的ip是否在證書的ip域中。

總結(jié)

以上是生活随笔為你收集整理的openssl的x509命令简单入门的全部內(nèi)容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網(wǎng)站內(nèi)容還不錯(cuò)，歡迎將生活随笔推薦給好友。

上一篇： Dell服务器的iDRAC虚拟控制台无法
下一篇：密码学常用工具，作图