例如,
openssl x509 \
-req -sha256 \
-days "365" \
-CAcreateserial \
-CA "ca.crt" -CAkey "ca.key" -passin "pass:abcd" \
-in "csr.csr" -extfile "ext.ext" \
-out "c.crt"`
它还创建一个ca.srl包含签名证书序列号的文件。
如果-CAcreateserial参数不存在并输出错误,则上述方法将不起作用:
/test/ca.srl: No such file or directory
140413509251520:error:06067099:digital envelope routines:EVP_PKEY_copy_parameters:different parameters:../crypto/evp/p_lib.c:93:
140413509251520:error:02001002:system library:fopen:No such file or directory:../crypto/bio/bss_file.c:72:fopen('/test/ca.srl','r')
140413509251520:error:2006D080:BIO routines:BIO_new_file:no such file:../crypto/bio/bss_file.c:79:
该参数不是用于输出带有序列号的文件,无论如何都可以通过下面的命令获得该文件吗?
/test/ca.srl: No such file or directory
140413509251520:error:06067099:digital envelope routines:EVP_PKEY_copy_parameters:different parameters:../crypto/evp/p_lib.c:93:
140413509251520:error:02001002:system library:fopen:No such file or directory:../crypto/bio/bss_file.c:72:fopen('/test/ca.srl','r')
140413509251520:error:2006D080:BIO routines:BIO_new_file:no such file:../crypto/bio/bss_file.c:79:
那有什么意义呢?如果需要,为什么不在内部创建文件,而是将其保存在存储中?