OpenSSL 在 PKCS12导出期间挂起，“将‘ screen’加载到随机状态”

我正在使用 OpenSSL (不是 makecert)生成一个自签名的 SSL 证书，以便在 IIS 中使用。

openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365 -nodes -subj '//CN=myhost'

(双斜杠是正确的。没有它，上面的命令就无法工作。)

openssl pkcs12 -export -out key.pfx -inkey key.pem -in cert.pem -name 'myhost'

第一个命令运行成功

加载’屏幕’到随机状态-

我使用的是 Git for Windows (2.6.3)附带的 OpenSSL (1.0.2 d)。有人遇到过同样的问题吗？

澄清: 问题如何解决“无法写入随机状态”在 openssl描述了不同的问题——写入。Rnd 文件。这里的问题似乎是产生随机状态。(只在第二个命令中)

windows

ssl

openssl

git-bash

42240 次浏览

小开

I found that I needed to specify the PFX password on the command line using -passout pass:SomePassword - e.g.:

openssl pkcs12 -export -out foo_example_com.pfx -inkey foo_example_com.key -in foo_example_com.crt -passout pass:Pa55w0rd

小开

最佳答案

Please try to add winpty before oppenssl:

winpty openssl ...

or you can run a new bash wrapped by winpty:

winpty bash

In the windows console, there is some problem with terminal input/output so winpty can help if some software requires unix terminal behavior.

winpty helped me to run openssl in this environment:

git version 2.7.3.windows.1 OpenSSL 1.0.2g 1 Mar 2016

小开

Recently I hit the same when running openssl in an azure ubuntu VM over ssh from a windows 10 laptop. I tried openssl for windows also from windows command prompt and powershell. The root cause behind this seems to be terminal compatibility of openssl when using from windows command prompt.

I found that wsl (windows-subsystem-linux) based shell seem to be good and command goes through proper prompt instead of seem-to-be-hung. Steps here will be

Install ubuntu on windows

launch windows command prompt. Use wsl command to launch bash shell.

openssl tool is already available in this shell. it should give the password and verify password prompts.

提交答案