自签证书生成:
openssl req -x509 -new -nodes -key xxx-ca.key -subj "/CN=xxx.xxx" -sha256 -days 5000 -out xxxx-ca.crt
openssl pkcs12 -export -clcerts -in xxx-ca.crt -inkey xxxx-ca.key -out client.p12
openssl x509 -in xxx.crt -out server.cer -outform der
crt格式转换成cer:
openssl x509 -in ca.crt -out server.cer -outform der
p12生成:(http://blog.51cto.com/lavasoft/1104993)
openssl pkcs12 -export -clcerts -in client-cert.cer/crt -inkey client-key.key -out client.p12
关于iOS双向认证
http://www.jianshu.com/p/43a19793cf62
https://www.jianshu.com/p/9e573607be13
HTTPS原理
https://blog.csdn.net/codingfire/article/details/51735504
详解 HTTPS、TLS、SSL、HTTP区别和关系
https://www.wosign.com/info/https_tls_ssl_http.htm
http://hengstart.iteye.com/blog/840561
网友评论