环境:
jdk1.8
window7
cmder
1.生成证书库jks
keytool.exe -genkeypair -alias www.bingco.com -keyalg RSA ^ -keysize 2048 -keypass 126321 ^ -sigalg SHA256withRSA ^ -keystore www.bingco.com.jks -storetype JKS ^ -storepass 126321 ^ -validity 365
2. jks转p12
keytool.exe -importkeystore ^ -srckeystore www.bingco.com.jks ^ -destkeystore www.bingco.com.p12 ^ -srcstoretype jks ^ -deststoretype pkcs12
3.p12转keystore
keytool.exe -v ^ -importkeystore -srckeystore www.bingco.com.p12 ^ -srcstoretype pkcs12 ^ -destkeystore www.bingco.com.jks ^ -deststoretype jks
>>>>>
jdk不自带密钥导出功能,使用openssl或者代码实现
1.openssl命令导出.crt
openssl pkcs12 -in www.bingco.com.p12 -nokeys -out www.bingco.com.crt
2.openssl命令导出.key
openssl pkcs12 -in www.bingco.com.p12 -nocerts -nodes -out www.bingco.com.key
-----------------------
代码导出
import sun.misc.BASE64Encoder; import java.io.FileInputStream; import java.security.KeyStore; import java.security.PrivateKey; import java.util.HashMap; public class main { public KeyStore getKeyStore(String keyStorePath, String password) throws Exception { FileInputStream is = new FileInputStream(keyStorePath); KeyStore ks = KeyStore.getInstance("JKS"); ks.load(is, password.toCharArray()); is.close(); return ks; } public PrivateKey getPrivateKey(HashMap<String, String> paramMap) { try { BASE64Encoder encoder = new BASE64Encoder(); KeyStore ks = getKeyStore(paramMap.get("path"), paramMap.get("passwd")); PrivateKey key = (PrivateKey) ks.getKey(paramMap.get("alias"), paramMap.get("passwd").toCharArray()); String encoded = encoder.encode(key.getEncoded()); System.out.println("-----BEGIN RSA PRIVATE KEY-----"); System.out.println(encoded); System.out.println("-----END RSA PRIVATE KEY-----"); return key; } catch (Exception e) { e.printStackTrace(); return null; } } public static void main(String[] args) throws Exception { HashMap<String, String> paramMap = new HashMap<>(); for (String var : args) { if (var.startsWith("-path")) { String[] split = var.split("="); if (split.length != 2) { throw new RuntimeException("-path 参数定义有误: " + var); } paramMap.put("path", split[1]); } if (var.startsWith("-alias")) { String[] split = var.split("="); if (split.length != 2) { throw new RuntimeException("-alias 参数定义有误: " + var); } paramMap.put("alias", split[1]); } if (var.startsWith("-passwd")) { String[] split = var.split("="); if (split.length != 2) { throw new RuntimeException("-passwd 参数定义有误: " + var); } paramMap.put("passwd", split[1]); } } main exec = new main(); exec.getPrivateKey(paramMap); } }
javac main.java
java main -path=./www.bingco.com.keystore -alias=www.bingco.com -passwd=126321
创建一个文本文件粘贴输出内容。
如: www.bingco.com.key
-- OVER --