zoukankan      html  css  js  c++  java
  • tomcat的jks的私钥导出nginx需要的key文件

    方法一:

    1.先用keytool导出pfx文件。第一个123456是jks密码,后边两个是新生成的pfx的密码

    keytool -v -importkeystore -srckeystore D:\fuwuqi.jks -srcstoretype jks -srcstorepass 123456 -destkeystore D:\fuwuqi.pfx -deststoretype pkcs12 -deststorepass 123456 -destkeypass 123456

    2.用ssl导出key文件

    openssl pkcs12 -in fuwuqi.pfx -nocerts -nodes -out fuwuqi.key

    方法二:

     代码生成

    package com.acca.dovepay.nucc.utils;
    
    import java.io.File;
    import java.io.FileInputStream;
    import java.io.FileWriter;
    import java.security.Key;
    import java.security.KeyPair;
    import java.security.KeyStore;
    import java.security.KeyStoreException;
    import java.security.NoSuchAlgorithmException;
    import java.security.PrivateKey;
    import java.security.PublicKey;
    import java.security.UnrecoverableKeyException;
    import java.security.cert.Certificate;
    
    import sun.misc.BASE64Encoder;
    
    public class CertUtil {
    
        private File keystoreFile;
    
        private String keyStoreType;
    
        private char[] password;
    
        private String alias;
    
        private File exportedFile;
    
        public KeyPair getPrivateKey(KeyStore keystore, String alias,
                char[] password) {
    
            try {
    
                Key key = keystore.getKey(alias, password);
    
                if (key instanceof PrivateKey) {
    
                    Certificate cert = keystore.getCertificate(alias);
    
                    PublicKey publicKey = cert.getPublicKey();
    
                    return new KeyPair(publicKey, (PrivateKey) key);
    
                }
    
            } catch (UnrecoverableKeyException e) {
    
            } catch (NoSuchAlgorithmException e) {
    
            } catch (KeyStoreException e) {
    
            }
    
            return null;
    
        }
    
        public void export() throws Exception {
    
            KeyStore keystore = KeyStore.getInstance(keyStoreType);
    
            BASE64Encoder encoder = new BASE64Encoder();
    
            keystore.load(new FileInputStream(keystoreFile), password);
    
            KeyPair keyPair = getPrivateKey(keystore, alias, password);
    
            PrivateKey privateKey = keyPair.getPrivate();
    
            String encoded = encoder.encode(privateKey.getEncoded());
    
            FileWriter fw = new FileWriter(exportedFile);
    
            fw.write("----BEGIN PRIVATE KEY----
    ");
    
            fw.write(encoded);
    
            fw.write("
    ");
    
            fw.write("----END PRIVATE KEY----
    ");
    
            Certificate cert = keystore.getCertificate(alias);
    
            PublicKey publicKey = cert.getPublicKey();
    
            String encoded2 = encoder.encode(publicKey.getEncoded());
    
            fw.write("----BEGIN CERTIFICATE----
    ");
    
            fw.write(encoded2);
    
            fw.write("
    ");
    
            fw.write("----END CERTIFICATE----
    ");
    
            fw.close();
    
        }
    
        public static void main(String args[]) throws Exception {
    
            CertUtil export = new CertUtil();
    
            export.keystoreFile = new File("D:\20181120fuwuqi.jks");
    
            export.keyStoreType = "JKS";
    
            export.password = "123456".toCharArray();
    
            export.alias = "mykey";
    
            export.exportedFile = new File("D:\SSS.key");
    
            export.export();
        }
    }

    另crt文件的生成,转载https://jingyan.baidu.com/article/154b463178eac928ca8f41a9.html?qq-pf-to=pcqq.c2c

  • 相关阅读:
    进行C# 编写发送邮箱,报错Error: need EHLO and AUTH first !
    vue使jsZip和FileSaver.js打包下载
    基于js或vue项目实现一次批量文件下载功能
    模块
    now 与 down 中的 ow 发音是否一样?
    __time64_t 解决了 2038 年问题,可是没解决 1969年问题
    MagickSetOption(mw, "jpeg:extent", "...kb"); 这个函数有时结果出乎意料
    解决Idea启动Spring Boot很慢的问题
    CAP原理和BASE思想和ACID模型
    java并发编程之Condition
  • 原文地址:https://www.cnblogs.com/jinzhiming/p/9999493.html
Copyright © 2011-2022 走看看