使用Openssl查看證書是DER and PEM(BASE64)編碼

請到官方下載openssl

https://www.openssl.org/source/

下載到本地以後解壓，將要查看的證書放到openssl目錄下

打開command窗口

具體命令請參考下文：

One way to verify if "keytool" did export my certificate using DER and PEM formats correctly or not is to use "OpenSSL" to view those certificate files. To do this, I used the "openssl x509" command to view keytool_crt.der and keytool_crt.pem:

>openssl x509 -in keytool_crt.pem -inform pem -noout -text

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1185636568 (0x46ab60d8)
        Signature Algorithm: dsaWithSHA1
        Issuer: C=CA, ST=Herong State, L=Herong City, ...
        ...

>openssl x509 -in keytool_crt.der -inform der -noout -text

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1185636568 (0x46ab60d8)
        Signature Algorithm: dsaWithSHA1
        Issuer: C=CA, ST=Herong State, L=Herong City, ...
        O=Herong Company, OU=Heron
        ...

Cool. "OpenSSL" can read certificates in DER and PEM formats generated by "keytool". What I learned so far:

• "keytool" can generate self-signed X5.09 version 3 certificates.
• "keytool" can export certificates with DER and PEM formats.
• "OpenSSL" can read certificates generated by "keytool" in both DER and PEM formats.