pem to bks

https://gist.github.com/wbroek/cd87d161b52d0ddba08d

 

https://docs.wso2.com/display/EMM200/Generating+a+BKS+File+for+Android#GeneratingaBKSFileforAndroid-Prerequisites

 

 

 

openssl pkcs12 -export -out Cert.p12 -in cert.pem -inkey key.pem -passin pass:root -passout pass:root

openssl pkcs12 -export -inkey cert_key_pem.txt -in cert_key_pem.txt -out cert_key.p12

-inkey为私钥文件，-in为证书，如果pem私钥没有密码，则使用-nodes表示无密码，如果有密码使用-passin，如果私钥和证书都在同一文件里则-in和-inkey指定同一个文件。-CAfile，表示CA证书。

 

 

合成 pkcs#12 证书(含私钥)

** 将 pem 证书和私钥转 pkcs#12 证书 **

openssl pkcs12 -export -in server.crt -inkey server.key -passin pass:111111 -password pass:111111 -out server.p12

其中-export指导出pkcs#12 证书，-inkey 指定了私钥文件，-passin 为私钥(文件)密码(nodes为无加密)，-password 指定 p12文件的密码(导入导出)

** 将 pem 证书和私钥/CA 证书 合成pkcs#12 证书**

openssl pkcs12 -export -in server.crt -inkey server.key -passin pass:111111 \
    -chain -CAfile ca.crt -password pass:111111 -out server-all.p12

 

 

Convert pkcs12 key to bks format for Android

Leave a reply

Dear Reader,

If you ever want to convert a pkcs12 format key to bks format for Android follow the below instructions.

First of all downlaod bcprov-jdk16-1.46.jar file

[root@itpings certs]# wget http://repo1.maven.org/maven2/org/bouncycastle/bcprov-jdk16/1.46/bcprov-jdk16-1.46.jar
–2017-06-30 17:05:40– http://repo1.maven.org/maven2/org/bouncycastle/bcprov-jdk16/1.46/bcprov-jdk16-1.46.jar
Resolving repo1.maven.org (repo1.maven.org)… 151.101.32.209
Connecting to repo1.maven.org (repo1.maven.org)|151.101.32.209|:80… connected.
HTTP request sent, awaiting response… 200 OK
Length: 1876535 (1.8M) [application/java-archive]
Saving to: ‘bcprov-jdk16-1.46.jar’

bcprov-jdk16-1.46.j 100%[===================>] 1.79M –.-KB/s in 0.02s

2017-06-30 17:05:40 (89.3 MB/s) – ‘bcprov-jdk16-1.46.jar’ saved [1876535/1876535]

Now Convert the File as follow with keytool

[root@itpings certs]# keytool –importkeystore –srckeystore user.P12 -srcstoretype pkcs12 –destkeystore user.bks –deststoretype bks –provider org.bouncycastle.jce.provider.BouncyCastleProvider -–providerpath bcprov-jdk16-1.46.jar
Enter destination keystore password:
Re-enter new password:
Enter source keystore password:
Entry for alias 1 successfully imported.
Import command completed: 1 entries successfully imported, 0 entries failed or cancelled
[root@itpings certs]# ls
user.bks

Done.

Thanks,
Salman Aftab
ITpings
YouTube: LinuxKing
FaceBook: LZHProject

 

 

 

openssl pkcs12 -export -out polycom.p12 -in output.pem -inkey output.pem -nodes -passout pass:111111
keytool -importkeystore -srckeystore polycom.p12 -srcstoretype pkcs12 -destkeystore polycom.bks -deststoretype bks -provider org.bouncycastle.jce.provider.BouncyCastleProvider --providerpath bcprov-jdk16-1.46.jar

#test p12 private key and public key
#openssl pkcs12 -in test.p12 -nocerts -nodes -out 1.key
#openssl rsa -in 1.key -pubout -out polycom_public.pem
#openssl rsa -in 1.key -out polycom_private.pem

输出没有加密的私钥：

openssl pkcs12 -in test.p12 -nocerts -nodes -out key.pem

 

https://blog.csdn.net/as3luyuan123/article/details/16105475

https://docs.oracle.com/javase/6/docs/technotes/tools/solaris/keytool.html

https://www.cnblogs.com/benwu/articles/4891758.html