我想在脚本中创建 .pem 格式的证书。但我在那里需要一些帮助。我使用Powershell脚本在Windows商店中生成证书;然后,我将其导出为 pfx 并尝试将其转换为 pem 格式。 我很困惑为什么 Windows 没有内置功能,但它就是这样。
这是我到目前为止的脚本:
Import-Module PSPKI
Write-Host "Create Windows Certificate"
$paramsCreate = @{
DnsName = 'localhost'
CertStoreLocation = 'Cert:\LocalMachine\My'
}
$cert = New-SelfSignedCertificate @paramsCreate
Write-Host "Create Password"
$mypwd = ConvertTo-SecureString -String '1234' -Force -AsPlainText
Write-Host "Export Certificate as Pfx"
$paramsExport = @{
Cert = $cert
FilePath = 'C:\temp.pfx'
Password = $mypwd
}
Export-PfxCertificate @paramsExport
Write-Host "Convert pfx to pem"
Convert-PfxToPem -InputFile 'C:\temp.pfx' -Password $mypwd -Outputfile 'C:\tmp.pem'
(Get-Content 'C:\tmp.pem' -Raw) -match "(?ms)(\s*((?<privatekey>-----BEGIN PRIVATE KEY-----.*?-
----END PRIVATE KEY-----)|(?<certificate>-----BEGIN CERTIFICATE-----.*?-----END CERTIFICATE-----))\s*){2}"
$Matches["privatekey"] | Set-Content "C:\key.pem"
$Matches["certificate"] | Set-Content "C:\cert.pem"
我想问题出在哪里。这是错误消息:
Invalid provider type specified
At C:\Program Files\WindowsPowerShell\Modules\PSPKI\4.0.0\Client\Convert-PfxToPem.ps1:141 char:9
+ throw New-Object ComponentModel.Win32Exception ([Runtime.Inte ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OperationStopped: (:) [], Win32Exception
+ FullyQualifiedErrorId : Invalid provider type specified
感谢您的帮助,并感谢您抽出时间。
请参阅:https://www.howtogeek.com/devops/how-to-create-a-self-signed-certificate-with-powershell/
并且:https://4sysops.com/archives/create-a-self-signed-certificate-with-powershell/
使用 OpenSSL 将 PFX 证书转换为 PEM 格式。
# Export the private key
openssl pkcs12 -in C:\temp.pfx -nocerts -out C:\key.pem
# Export the certificate
openssl pkcs12 -in C:\temp.pfx -clcerts -nokeys -out C:\cert.pem