下面是一个示例代码,可以使用 Golang 生成 SSL 证书和私钥:
package mainimport ("crypto/rand""crypto/rsa""crypto/x509""encoding/pem""fmt""math/big""os""time")func main() {// 生成 RSA 密钥对privateKey, err := rsa.GenerateKey(rand.Reader, 2048)if err != nil {fmt.Println("Failed to generate private key:", err)return}// 生成证书模板certTemplate := x509.Certificate{SerialNumber: big.NewInt(time.Now().Unix()),Subject: pkix.Name{CommonName: "example.com"},NotBefore: time.Now(),NotAfter: time.Now().AddDate(1, 0, 0),KeyUsage: x509.KeyUsageDigitalSignature | x509.KeyUsageKeyEncipherment,ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},DNSNames: []string{"example.com", "www.example.com"},}// 将证书模板序列化为 DER 格式derBytes, err := x509.CreateCertificate(rand.Reader, &certTemplate, &certTemplate, &privateKey.PublicKey, privateKey)if err != nil {fmt.Println("Failed to create certificate:", err)return}// 创建 PEM 编码的证书文件certOut, err := os.Create("cert.pem")if err != nil {fmt.Println("Failed to create cert.pem:", err)return}pem.Encode(certOut, &pem.Block{Type: "CERTIFICATE", Bytes: derBytes})certOut.Close()fmt.Println("Wrote cert.pem")// 创建 PEM 编码的私钥文件keyOut, err := os.OpenFile("key.pem", os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)if err != nil {fmt.Println("Failed to open key.pem for writing:", err)return}pem.Encode(keyOut, &pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(privateKey)})keyOut.Close()fmt.Println("Wrote key.pem")}
运行上述代码后,会生成 cert.pem 和 key.pem 两个文件,其中 cert.pem 是 PEM 编码的证书,key.pem 是 PEM 编码的私钥。这些文件可以用于启用 SSL/TLS 加密连接。在实际生产环境中,建议使用更安全的加密算法和密钥长度。
![ngx.arg[2]在C中如何实现?](https://linuxcpp.0voice.com/zb_users/upload/2023/05/202305162232428008348.png)
