Blogs work like this:
Generate RSA private key with strength of 1024.
$ OpenSSL gen RSA-out private . PEM 1024
Execute the code to generate the private key, Pem file, which is actually a general text format ~ see the figure below ~
Here's the file:
Select a text editor to open the auxiliary file, and you can see that it is normal text:
-Start RSA private key-
miicxaibaakbgqcfwtjlpe 9 qqiboa/kdvdygdyko 6 iegfaihiqihd 7 ul 13k 4 gi+
1 ngl 6 sfo/uah KL 6 raw tk 9t 8/v0 birbctbl 6 hml C4 yjkfbdk 7 elojnnsauwl 2 PLL
bsitzqq 8 vs BC 6 myuizdfdcfl 2 pwvfemzmynscob 2 MW 4 mywjwnub+my E7 pwidaqab
aogac 8 jxy 5 fkb a5 brk 1 lzujgwydkjilsri sy 4 jpcwdwxzklzkk 0+RV 0 qqw 8 ye 7 bn
lvsbnj 0 wif 5 LC 9 meamlnktxwdwrhkei 70s 69 mzzh+ssap 3 sgaeug 3 ty 2 ojsyixmb
+dwyslvb 3 dvzxr 56 fmjlfcbgahqhmxgy 79 ruibnkrdqo 6 kkcqdpycizrli 0 trea
4y+E2YUqx/x6xpohljuqozbjq 3 ZT 0 rq+afljnxlsoil 4 pw 9 glwodhatxzjlmumnb
b36mp 1 plakeaxtib 34 Yep 5 nkwpbz 5 roafkrmkgunezulvcdks/kiamxurwawggu
avy 9 o 1 aks 48 c 42 gsf+nto e9 yq 1 z9 SJ 6y 0 wjbaiclzpekl 3 dcj 3c ohbyj 35 gvpzva
rnjqv 7 xnabkashjqevje/mexz 9 bym tto 2v 736 y0 LX PC 89 gej 7 jzjfoiw 3 mecqdym
4 czhpiiy 7 hovyha/gpeqbdfyd 0 orihveyv 1 B9 D2 iyaegdd 6 qdvlwqn 7 ajf 0 q vklF
XWxEJe/ipumzfmzx 24 mcqdu 19 hnyyg 8863 mvg BC 7 jway 1 apjx 1i/KTXe/6 rbj mos
bxosepknhpw 6 dgl/6s 6 wqub 8j 3 tnunj5o 99 Cu 6 dlsm =
-End RSA private key-
Then follow the author to do the following ~
Create a certificate request
$ OpenSSL req-new-key private . PEM-out RSA cert . CSR
At this time, the control bar requires you to enter the following personal information ~ and then follow the prompts ~
Country name (2-letter code) [AU]:CN
State or province name (full name) [part of state]: Beijing
Name of place (for example, city) []: Beijing
Organization name (such as company) [Internet Widgits Pte Ltd]: Ermayina.
Name of organizational unit (such as department) []:com
Common name (such as server FQDN or your name) []: Ermayina.
Email address []: Mr. Wang Yaojie @163.com.
Please enter the following Extra attributes.
Send it with your certificate request.
Challenge password []:
Optional company name []:
At this point, a csr file is generated.
Generate and sign a certificate, valid for 10 years.
$ OpenSSL x509-req-days 3650-in RSA cert . CSR-sign key private . PEM-out RSA cert . CRT
Convert format-Convert PEM format file to DER format.
$ OpenSSL x509-out form der-in RSA cert . CRT-out RSA cert . der
Export P 12 file.
$ OpenSSL pkcs 12-export-out p . p 12-in key private . PEM-in RSA cert . CRT
Finally, we generated two files, a p 12 file and a der file. The der file is the public key and the p 12 file is the private key.