如何解决使用curl的RSA填充错误; openssl验证通过
我创建了以下脚本,以允许自动创建CA,服务器和客户端证书。使用openssl verify和pyopenssl时,此脚本可以正常工作:
openssl验证-CAfile ca / ca.crt-用途sslserver服务器/server.crt server / server.crt:确定
但是,当我尝试卷曲以连接到我的Nginx服务器时,出现以下错误: curl:(35)错误:0407008A:rsa例程:RSA_padding_check_PKCS1_type_1:无效的填充
我在做什么错了?
# Move to root directory...
cd /
mkdir keys
cd keys
mkdir -p ca/private
openssl genrsa -out ca/private/ca.key 4096
openssl req \
-x509 \
-new \
-nodes \
-key ca/private/ca.key \
-sha256 \
-days 1024 \
-out ca/ca.crt \
-subj "/C=US/ST=California/L=S/O=F/CN=Root CA"
# Create server private key and certificate request
mkdir -p server/private
openssl genrsa -out server/private/server.key 4096
openssl req -new \
-sha256 \
-key server/private/server.key \
-out server/server.csr \
-subj "/C=US/ST=California/L=S/O=F/CN=0.0.0.0"
echo "Server CSR"
openssl req -in server/server.csr -noout -text
# Create client private key and certificate request
mkdir -p client/private
openssl genrsa -out client/private/client.key 4096
openssl req -new \
-sha256 \
-key client/private/client.key \
-out client/client.csr \
-subj "/C=US/ST=California/L=S/O=F/CN=Client/serialNumber=1"
echo "Client CSR"
openssl req -in client/client.csr -noout -text
# Generate server certificates
openssl x509 -req \
-in server/server.csr \
-CA ca/ca.crt \
-CAkey ca/private/ca.key \
-CAcreateserial \
-out server/server.crt \
-days 500 \
-sha256
echo "Server CRT"
openssl x509 -in server/server.crt -noout -text
# Generate client certificates
openssl x509 -req \
-in client/client.csr \
-CA ca/ca.crt \
-CAkey ca/private/ca.key \
-CAcreateserial \
-out client/client.crt \
-days 500 \
-sha256
echo "Client CRT"
openssl x509 -in client/client.crt -noout -text
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 [email protected] 举报,一经查实,本站将立刻删除。
