keystore格式与pfx格式证书互转

今天运维同事在阿里云上申请了pfx格式的SSL证书，但是tomcat只能识别keystore格式的，所以需要转换一下。按照下面的代码转换，需要注意的是KEYSTORE_PASSWORD这里的密码不是随便弄的，是生成pfx证书的时候会同时生成一个密码，，然后就使用这个密码。。。

package com.cloud.frame.common.util;

import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.util.Enumeration;

/**
 * @author duxin
 * @date 2018-12-13
 * @desc pfx格式和keystore格式的证书互转
 */

public class ConvertPFXToKeystoreUtil {
	public static final String PKCS12 = "PKCS12";
	public static final String JKS = "JKS";
	public static final String PFX_KEYSTORE_FILE = "G:\\boyacx.pfx";
	public static final String KEYSTORE_PASSWORD = "Ibmr3JWC";
	public static final String JKS_KEYSTORE_FILE = "G:\\bycx.keystore";

	/**
	 * 将pfx或p12的文件转为keystore
	 */
	public static void coverTokeyStore() {
		try {
			KeyStore inputKeyStore = KeyStore.getInstance("PKCS12");
			FileInputStream fis = new FileInputStream(PFX_KEYSTORE_FILE);
			char[] nPassword = null;

			if ((KEYSTORE_PASSWORD == null)
					|| KEYSTORE_PASSWORD.trim().equals("")) {
				nPassword = null;
			} else {
				nPassword = KEYSTORE_PASSWORD.toCharArray();
			}

			inputKeyStore.load(fis, nPassword);
			fis.close();

			KeyStore outputKeyStore = KeyStore.getInstance("JKS");

			outputKeyStore.load(null, KEYSTORE_PASSWORD.toCharArray());

			Enumeration enums = inputKeyStore.aliases();

			while (enums.hasMoreElements()) { // we are readin just one
				// certificate.

				String keyAlias = (String) enums.nextElement();

				System.out.println("alias=[" + keyAlias + "]");

				if (inputKeyStore.isKeyEntry(keyAlias)) {
					Key key = inputKeyStore.getKey(keyAlias, nPassword);
					Certificate[] certChain = inputKeyStore
							.getCertificateChain(keyAlias);

					outputKeyStore.setKeyEntry(keyAlias, key,
							KEYSTORE_PASSWORD.toCharArray(), certChain);
				}
			}

			FileOutputStream out = new FileOutputStream(JKS_KEYSTORE_FILE);

			outputKeyStore.store(out, nPassword);
			out.close();
		} catch (Exception e) {
			e.printStackTrace();
		}
	}

	/**
	 * 将keystore转为pfx
	 */
	public static void coverToPfx() {
		try {
			KeyStore inputKeyStore = KeyStore.getInstance("JKS");
			FileInputStream fis = new FileInputStream(JKS_KEYSTORE_FILE);
			char[] nPassword = null;

			if ((KEYSTORE_PASSWORD == null)
					|| KEYSTORE_PASSWORD.trim().equals("")) {
				nPassword = null;
			} else {
				nPassword = KEYSTORE_PASSWORD.toCharArray();
			}

			inputKeyStore.load(fis, nPassword);
			fis.close();

			KeyStore outputKeyStore = KeyStore.getInstance("PKCS12");

			outputKeyStore.load(null, KEYSTORE_PASSWORD.toCharArray());

			Enumeration enums = inputKeyStore.aliases();

			while (enums.hasMoreElements()) { // we are readin just one
				// certificate.

				String keyAlias = (String) enums.nextElement();

				System.out.println("alias=[" + keyAlias + "]");

				if (inputKeyStore.isKeyEntry(keyAlias)) {
					Key key = inputKeyStore.getKey(keyAlias, nPassword);
					Certificate[] certChain = inputKeyStore
							.getCertificateChain(keyAlias);

					outputKeyStore.setKeyEntry(keyAlias, key,
							KEYSTORE_PASSWORD.toCharArray(), certChain);
				}
			}

			FileOutputStream out = new FileOutputStream(PFX_KEYSTORE_FILE);

			outputKeyStore.store(out, nPassword);
			out.close();
		} catch (Exception e) {
			e.printStackTrace();
		}
	}

	public static void main(String[] args) {
		coverTokeyStore();
	}