我正在尝试编写一个脚本来在 powershell 中创建 PEM 证书文件。我不确定我所做的是否完全错误,但是当我尝试在 socat OPENSSL 中使用 PEM 文件时,它返回了错误:
$ socat OPENSSL-LISTEN:1337,cert=cert.pem,verify=0 -
socat[1209] E SSL_CTX_use_certificate_file(): error:0D0680A8:asn1 encoding routines:asn1_check_tlen:wrong tag
#create certificate
$cert = New-SelfSignedCertificate `
-Subject "MYHOSTNAME" `
-TextExtension @("2.5.29.17={text}DNS=MYHOSTNAME&IPAddress=192.168.1.100") `
-KeySpec Signature `
-HashAlgorithm SHA256 `
-KeyExportPolicy Exportable
#publicKey
$PublicKey = $cert.GetPublicKey();
$PublicKeyB64 = [Convert]::ToBase64String($PublicKey,"InsertLineBreaks");
#privateKey
$RSACng = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPrivateKey($cert);
$PrivateKey = $RSACng.Key;
$PrivateKeyByte = $PrivateKey.Export("PRIVATEBLOB");
$PrivateKeyB64 = [Convert]::ToBase64String($PrivateKeyByte,"InsertLineBreaks");
#createFile
$out = New-Object string[] -ArgumentList 6;
$out[0] = "-----BEGIN PRIVATE KEY-----";
$out[1] = $PrivateKeyB64;
$out[2] = "-----END PRIVATE …