Your keys may already be in PEM format, but just named with .crt or .key.
(您的密钥可能已经采用PEM格式,但只能使用.crt或.key命名。)
If the file's content begins with -----BEGIN and you can read it in a text editor:
(如果文件的内容以-----BEGIN开头,您可以在文本编辑器中阅读:)
The file uses base64, which is readable in ASCII, not binary format.
(该文件使用base64,它是ASCII可读的,而不是二进制格式。)
The certificate is already in PEM format. (证书已采用PEM格式。)
Just change the extension to .pem. (只需将扩展名更改为.pem即可。)
If the file is in binary:
(如果文件是二进制文件:)
For the server.crt, you would use
(对于server.crt,您可以使用)
openssl x509 -inform DER -outform PEM -in server.crt -out server.crt.pem
For server.key, use openssl rsa in place of openssl x509 .
(对于server.key,使用openssl rsa代替openssl x509 。)
The server.key is likely your private key, and the .crt file is the returned, signed, x509 certificate.
(server.key可能是您的私钥,.crt文件是返回的,已签名的x509证书。)
If this is for a Web server and you cannot specify loading a separate private and public key:
(如果这是用于Web服务器而您无法指定加载单独的私钥和公钥:)
You may need to concatenate the two files.
(您可能需要连接这两个文件。)
For this use: (用于此用途:)
cat server.crt server.key > server.includesprivatekey.pem
I would recommend naming files with "includesprivatekey" to help you manage the permissions you keep with this file.
(我建议使用“includesprivatekey”命名文件,以帮助您管理对此文件保留的权限。)
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
