keystore以及服务器密钥对儿的生成
keytool -genkeypair -alias certificatekey -keyalg RSA -validity 365 -keystore shfqkeystore.jks
验证新生成的keystor文件以及证书信息
keytool -list -v -keystore shfqkeystore.jks
导出公钥证书
keytool -export -alias certificatekey -keystore shfqkeystore.jks -rfc -file shfqcert.cer
Truststore的生成以及公钥证书的导入
Keytool -import -alias certificatekey -file shfqcert.cer -keystore shfqtruststore.jks
验证生成的truststore文件
keytool -list -v -keystore shfqtruststore.jks
配置TOMCAT 结束
一.三 导入证书到 受信任的根证书颁发机构,之后配置tomcat或nginx至此算是结束了
win + r > mmc
文件 > 添加/删除管理单元 > 导入受信任根证书
便捷复制
keytool -genkeypair -alias certificatekey -keyalg RSA -validity 365 -keystore shfqkeystore.jks
keytool -list -v -keystore shfqkeystore.jks
keytool -export -alias certificatekey -keystore shfqkeystore.jks -rfc -file shfqcert.cer
Keytool -import -alias certificatekey -file shfqcert.cer -keystore shfqtruststore.jks
keytool -list -v -keystore shfqtruststore.jks
导出私钥
package hongz.encryption.digest;
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.PrivateKey;
import sun.misc.BASE64Encoder;
public class ExportPrivateKey {
public static KeyStore getKeyStore(String keyStorePath, String password) throws Exception {
FileInputStream is = new FileInputStream(keyStorePath);
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(is, password.toCharArray());
is.close();
return ks;
}
public static PrivateKey getPrivateKey() {
try {
BASE64Encoder encoder = new BASE64Encoder();
KeyStore ks = getKeyStore("C:\\keys\\testserverkeystore.jks", "123456");
PrivateKey key = (PrivateKey) ks.getKey("testserver", "123456".toCharArray());
String encoded = encoder.encode(key.getEncoded());
System.out.println("-----BEGIN RSA PRIVATE KEY-----");
System.out.println(encoded);
System.out.println("-----END RSA PRIVATE KEY-----");
return key;
} catch (Exception e) {
return null;
}
}
public static void main(String[] args) {
getPrivateKey();
}
}
参考:
https://blog.csdn.net/shfqbluestone/article/details/21242323