dabing1022 · August 17, 2016 12:50
diff --git a/Mac OSX 使用OpenSSL生成RSA公匙、私匙（pem）与DER文件.sh b/Mac OSX 使用OpenSSL生成RSA公匙、私匙（pem）与DER文件.sh
 λ ChildhoddAndy [ChildhoodAndy/SampleDemos/OpenSSLTest] → openssl
 OpenS
 OpenSSL> genrsa -out rsa_private_key.pem 2048
 Generating RSA private key, 2048 bit long modulus
 ..+++
 .+++
 e is 65537 (0x10001)
 OpenSSL> pkcs8 -topk8 -inform PEM -in rsa_private_key.pem -outform PEM –nocrypt
 Enter Encryption Password:
 Verifying - Enter Encryption Password:
 -----BEGIN ENCRYPTED PRIVATE KEY-----
 MIIE6TAbBgkqhkiG9w0BBQMwDgQIBz0R+6NVGTsCAggABIIEyP9Xu/UC2VJV0Vx3
 LB42xmu5yOIC6YXGIAMDHUAtQfJ2SczdIWU9X9oVzfztwoFuMVKBQhUa3BzQoQ2C
 FoMYmDyj3knepT7nMb+PG0w0Q/MHF+o9bC1hufaPHQOM6n73++MoEDF1bY7m/w+R
 eOSU+hH2bdccONxyHiTZkPb81t9uzeHB4x2xAf7KWq0T3fuokUU9WVuN6YLsV/aW
 EUk+lg98+dVwCNa3RZLHHwQVtLUHu6gLtwx9d/lQdDdKVM/71ZJtu1fVIHBqOvI5
 8YxwySxPNV/IoMIB8s8hpKQelsSjr3LXQiRIVEgfP4uhglZdg4ujjH3QxriyO8w8
 UXIta4Iv2YZqPWkQYyvyYqzQAhIou6lQngytpO+QHnBc1Aj1AA6jwdaDZ8rjhBdQ
 SARj2P+aGFxDeDbRPbZ4pJqaF4rLMAI7OZhKwnFeiUS/fvtMoXH+AdYBi8aP82PB
 JXeADRaIA/s2T+XZLsx22iwRkbcHFLE/MSZt0cWzcZ6Ldp+TmJ6blRyDtQBaBk/r
 ufw9Rt484YFw1T2vkwDXOiGr/lkwJ4w2s6BhswDaE9SXRpElgNCqWQjxdgKqcSAi
 JrjOqu/k06ii9UxdSeljOv3mW/+MpadsEo/ikmKsDy/7cee9Q5gbsPL4QmsnRFUF
 6b3Bu1vMvgvwutr4ndEOP8W0Sd2Wqnv4WYzA5VIOOiOxBrabtcllFoCeRcNmGG4v
 v4C5jiy1udH3/K+0mW/6rVfyzd8gSQA0RKIS39dGeaYc9TYwvLRq4oh12DHws0ih
 pvR2xkqUjBQjWwjiCu9stLcD86wFspWPaTzt6AJ4qLpeChg7V7zA380Vu175JvXs
 lK79X3u6+D3exvelIvpdLYCPxyGZr4Y1R9uFJnJUlzCOmx07k29jqZOUzQJUD+jL
 7sjJlHXNzbTuiI+VKGX0YnUgCHmX59VcM+JtcPnVsOKb8DMsaWem466Ewj9kDWVW
 GY838fDE60GknY3sxxdBAjOJsx9Wib12rVJmDwmsvIgzbdlF+ETsQniKqkz0u00F
 ggm6BgpXPkwyxB1gJ7oYfRqjBr9JFMAeigksVBELA88flMQQGnRcEctA789Ey1Zh
 dxrQxm6Rxzucrk02+gDWzPMWMsyeqlItqzzRfS3Fa1EXGzzjgq2hm4t1u53jWk98
 0izjva7JWe0ACjz1oZfIGpsO0C3ZwrOTqrkfXnYJ6LO8630EpcY1j/VwXn1Thi+S
 I1vgTBLRI0iV+IXxQozcAJI4lEXiz4s2q9WBDm8YtwrVZ+sXKsnccZxcg6ssNnXb
 cEGdCH+BLLcGT1lQlghjldDyFvOzwv/Spi1NQ9Po0DnTNn5v8j0lCuxgKD7NegTB
 imXCVr+vhwuJniRQPao//Nl0MBLjknU6htIEP0OY1SVvu1zMN/94fSLyDkrmOewN
 Lr5ckQz06PaUsgmygvcTImow/7NpqHAkvq773KuQnNxzUO0fh3W5uMchj/Dxs/xp
 UKVFXL17FI6FlKhAuRaVQDl56cMeWRQ6WHujkI1tVFAoTNuPDCor1X1WLLhd7Xd+
 igpLKw34EF4h/5ZMYdvD1XC8VAMzZYrGxE+o4onLvLR9Iq9+DL86w2TtWYQ8/j1F
 VUcmzN+akCZzQyfHqQ==
 -----END ENCRYPTED PRIVATE KEY-----
 OpenSSL> rsa -in rsa_private_key.pem -pubout -out rsa_public_key.pem
 writing RSA key
 OpenSSL> req -new -out cert.csr -key rsa_private_key.pem
 You are about to be asked to enter information that will be incorporated
 into your certificate request.
 What you are about to enter is what is called a Distinguished Name or a DN.
 There are quite a few fields but you can leave some blank
 For some fields there will be a default value,
 If you enter '.', the field will be left blank.
 -----
 Country Name (2 letter code) [AU]:CN
 State or Province Name (full name) [Some-State]:BJ
 Locality Name (eg, city) []:BJ
 Organization Name (eg, company) [Internet Widgits Pty Ltd]:Sketchingame.com
 Organizational Unit Name (eg, section) []:Sketchingame
 Common Name (e.g. server FQDN or YOUR name) []:ChildhoodAndy
 Email Address []:[email protected]

 Please enter the following 'extra' attributes
 to be sent with your certificate request
 A challenge password []:1
 string is too short, it needs to be at least 4 bytes long
 A challenge password []:111222333
 An optional company name []:SketchingameCompany
 OpenSSL> x509 -req -in cert.csr -out rsa_public_key.der -outform der -signkey rsa_private_key.pem -days 3650
 Signature ok
 subject=/C=CN/ST=BJ/L=BJ/O=Sketchingame.com/OU=Sketchingame/CN=ChildhoodAndy/[email protected]
 Getting Private key
 OpenSSL> exit
	λ ChildhoddAndy [ChildhoodAndy/SampleDemos/OpenSSLTest] → openssl
	OpenS
	OpenSSL> genrsa -out rsa_private_key.pem 2048
	Generating RSA private key, 2048 bit long modulus
	..+++
	.+++
	e is 65537 (0x10001)
	OpenSSL> pkcs8 -topk8 -inform PEM -in rsa_private_key.pem -outform PEM –nocrypt
	Enter Encryption Password:
	Verifying - Enter Encryption Password:
	-----BEGIN ENCRYPTED PRIVATE KEY-----
	MIIE6TAbBgkqhkiG9w0BBQMwDgQIBz0R+6NVGTsCAggABIIEyP9Xu/UC2VJV0Vx3
	LB42xmu5yOIC6YXGIAMDHUAtQfJ2SczdIWU9X9oVzfztwoFuMVKBQhUa3BzQoQ2C
	FoMYmDyj3knepT7nMb+PG0w0Q/MHF+o9bC1hufaPHQOM6n73++MoEDF1bY7m/w+R
	eOSU+hH2bdccONxyHiTZkPb81t9uzeHB4x2xAf7KWq0T3fuokUU9WVuN6YLsV/aW
	EUk+lg98+dVwCNa3RZLHHwQVtLUHu6gLtwx9d/lQdDdKVM/71ZJtu1fVIHBqOvI5
	8YxwySxPNV/IoMIB8s8hpKQelsSjr3LXQiRIVEgfP4uhglZdg4ujjH3QxriyO8w8
	UXIta4Iv2YZqPWkQYyvyYqzQAhIou6lQngytpO+QHnBc1Aj1AA6jwdaDZ8rjhBdQ
	SARj2P+aGFxDeDbRPbZ4pJqaF4rLMAI7OZhKwnFeiUS/fvtMoXH+AdYBi8aP82PB
	JXeADRaIA/s2T+XZLsx22iwRkbcHFLE/MSZt0cWzcZ6Ldp+TmJ6blRyDtQBaBk/r
	ufw9Rt484YFw1T2vkwDXOiGr/lkwJ4w2s6BhswDaE9SXRpElgNCqWQjxdgKqcSAi
	JrjOqu/k06ii9UxdSeljOv3mW/+MpadsEo/ikmKsDy/7cee9Q5gbsPL4QmsnRFUF
	6b3Bu1vMvgvwutr4ndEOP8W0Sd2Wqnv4WYzA5VIOOiOxBrabtcllFoCeRcNmGG4v
	v4C5jiy1udH3/K+0mW/6rVfyzd8gSQA0RKIS39dGeaYc9TYwvLRq4oh12DHws0ih
	pvR2xkqUjBQjWwjiCu9stLcD86wFspWPaTzt6AJ4qLpeChg7V7zA380Vu175JvXs
	lK79X3u6+D3exvelIvpdLYCPxyGZr4Y1R9uFJnJUlzCOmx07k29jqZOUzQJUD+jL
	7sjJlHXNzbTuiI+VKGX0YnUgCHmX59VcM+JtcPnVsOKb8DMsaWem466Ewj9kDWVW
	GY838fDE60GknY3sxxdBAjOJsx9Wib12rVJmDwmsvIgzbdlF+ETsQniKqkz0u00F
	ggm6BgpXPkwyxB1gJ7oYfRqjBr9JFMAeigksVBELA88flMQQGnRcEctA789Ey1Zh
	dxrQxm6Rxzucrk02+gDWzPMWMsyeqlItqzzRfS3Fa1EXGzzjgq2hm4t1u53jWk98
	0izjva7JWe0ACjz1oZfIGpsO0C3ZwrOTqrkfXnYJ6LO8630EpcY1j/VwXn1Thi+S
	I1vgTBLRI0iV+IXxQozcAJI4lEXiz4s2q9WBDm8YtwrVZ+sXKsnccZxcg6ssNnXb
	cEGdCH+BLLcGT1lQlghjldDyFvOzwv/Spi1NQ9Po0DnTNn5v8j0lCuxgKD7NegTB
	imXCVr+vhwuJniRQPao//Nl0MBLjknU6htIEP0OY1SVvu1zMN/94fSLyDkrmOewN
	Lr5ckQz06PaUsgmygvcTImow/7NpqHAkvq773KuQnNxzUO0fh3W5uMchj/Dxs/xp
	UKVFXL17FI6FlKhAuRaVQDl56cMeWRQ6WHujkI1tVFAoTNuPDCor1X1WLLhd7Xd+
	igpLKw34EF4h/5ZMYdvD1XC8VAMzZYrGxE+o4onLvLR9Iq9+DL86w2TtWYQ8/j1F
	VUcmzN+akCZzQyfHqQ==
	-----END ENCRYPTED PRIVATE KEY-----
	OpenSSL> rsa -in rsa_private_key.pem -pubout -out rsa_public_key.pem
	writing RSA key
	OpenSSL> req -new -out cert.csr -key rsa_private_key.pem
	You are about to be asked to enter information that will be incorporated
	into your certificate request.
	What you are about to enter is what is called a Distinguished Name or a DN.
	There are quite a few fields but you can leave some blank
	For some fields there will be a default value,
	If you enter '.', the field will be left blank.
	-----
	Country Name (2 letter code) [AU]:CN
	State or Province Name (full name) [Some-State]:BJ
	Locality Name (eg, city) []:BJ
	Organization Name (eg, company) [Internet Widgits Pty Ltd]:Sketchingame.com
	Organizational Unit Name (eg, section) []:Sketchingame
	Common Name (e.g. server FQDN or YOUR name) []:ChildhoodAndy
	Email Address []:[email protected]

	Please enter the following 'extra' attributes
	to be sent with your certificate request
	A challenge password []:1
	string is too short, it needs to be at least 4 bytes long
	A challenge password []:111222333
	An optional company name []:SketchingameCompany
	OpenSSL> x509 -req -in cert.csr -out rsa_public_key.der -outform der -signkey rsa_private_key.pem -days 3650
	Signature ok
	subject=/C=CN/ST=BJ/L=BJ/O=Sketchingame.com/OU=Sketchingame/CN=ChildhoodAndy/[email protected]
	Getting Private key
	OpenSSL> exit