返回> 网站首页
openssl使用windows默认证书
yoours2025-06-24 18:27:02
简介一边听听音乐,一边写写文章。
一、命令行方式
指定pem格式证书
openssl s_client -connect registry.npmmirror.com:443 -tls1_3 -CAfile windows_root_certs.pem
二、导出windows默认证书为pem证书
#include <windows.h>
#include <wincrypt.h>
#include <fstream>
#include <vector>
std::string CertToPEM(const BYTE* certData, DWORD certSize)
{
DWORD pemSize = 0;
if (!CryptBinaryToStringA(certData, certSize, CRYPT_STRING_BASE64HEADER, NULL, &pemSize))
return "";
std::vector<char> pemBuffer(pemSize);
if (!CryptBinaryToStringA(certData, certSize, CRYPT_STRING_BASE64HEADER, pemBuffer.data(), &pemSize))
return "";
return std::string(pemBuffer.data());
}
void ExportCertToPEM()
{
HCERTSTORE hStore = CertOpenSystemStore(0, "ROOT");
if (!hStore)
return;
std::ofstream outFile("windows_root_certs.pem", std::ios::out | std::ios::binary);
PCCERT_CONTEXT pContext = NULL;
while ((pContext = CertEnumCertificatesInStore(hStore, pContext)))
{
std::string pem = CertToPEM(pContext->pbCertEncoded, pContext->cbCertEncoded);
if (!pem.empty())
{
if (!outFile.is_open())
return;
outFile << pem << "\r\n";
}
}
outFile.close();
CertCloseStore(hStore, 0);
}
int main(int argc, char** argv)
{
ExportCertToPEM();
return 0;
}