使用OpenSSL API将.crt转换为.pem-Java 学习之路

任何人都可以告诉我如何使用openssl API将.crt文件转换为.pem文件？我试过这样的：

FILE *fl = fopen(cert_filestr, "r");
fseek(fl, 0, SEEK_END);
long len = ftell(fl);
char *ret = malloc(len);
fseek(fl, 0, SEEK_SET);
fread(ret, 1, len, fl);
fclose(fl);
BIO* input = BIO_new_mem_buf((void*)ret, sizeof(ret));
x509 = d2i_X509_bio(input, NULL);
FILE* fd = fopen(certificateFile, "w+");
BIO* output = BIO_new_fp(fd, BIO_NOCLOSE);
X509_print_ex(output, x509, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
fclose(fd);

但这不起作用，x509始终为NULL .

1 回答

.crt证书"may be encoded as binary DER or as ASCII PEM."（见http://info.ssl.com/article.aspx?id=12149） .

如果您的.crt文件已经过PEM编码，则无需转换它，只需将文件名从.crt更改为.pem即可 .

如果它被编码为DER，则将其转换为PEM，如下例所示：

X509* x509 = NULL;
FILE* fd = NULL,*fl = NULL;

fl = fopen(cert_filestr,"rb");
if(fl) 
{
    fd = fopen(certificateFile,"w+");
    if(fd) 
    {
        x509 = d2i_X509_fp(fl,NULL);
        if(x509) 
        {
            PEM_write_X509(fd,x509);
        }
        else 
        {
           printf("failed to parse to X509 from fl");
        }
        fclose(fd);
    }
    else
    {
        printf("can't open fd");
    }
   fclose(fl);
}
else 
{
    printf("can't open f");
}

回复于 2024-04-19T15:17:28+08:00

使用OpenSSL API将.crt转换为.pem

1 回答

相关问题