我在“windows 2012R2”上使用 open ssl 来生成自签名证书。
使用下面的命令我生成了证书
openssl genrsa -des3 -out ab.key
openssl req -new -x509 -key ab.key -out ab.crt
openssl pkcs12 -inkey ab.key -in ab.crt -export -out ab.pkcs12
openssl x509 -in ab.crt -out ab.pem
Getting the error while import the certificate - The selected certificate does not have the KeySpec
Exchange property. This property is required by SQL Server to import a certificat Import error: 0x2, Windows Native Error: 0x80092004
I have checked the opennssl config file but could not get like where to set this property.
一种方法是将您的证书转换为 pfx (pkcs12) 格式,它将获得 KeySpec 的默认值,即KeySpec = 1 -- At_KEYEXCHANGE
使用 openssl 命令“pkcs12”,如下所示:
openssl pkcs12 -inkey mssql-key.pem -in mssql-cert.crt -export -out mssql-cert.pfx
您将在 certutil 的输出中得到以下内容:
certutil -dump -v .\mssql-cert.pfx
输出摘录:
.......
hCryptProv = 000001372C300D00
KeySpec = 1 -- AT_KEYEXCHANGE
......
本文内容由网友自发贡献,版权归原作者所有,本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容,请联系:hwhale#tublm.com(使用前将#替换为@)