输入证书: cert/test.pfx 密码假设为123456
输出证书:cert/test.jks
在cmd下运行:
D:\temp\certtest>java ConvertPKCS12ToJKS
显示
keystore type=PKCS12
alias=[my certificate]
* Convert PKCS12 format digital certificate(treated as a PKCS12 keystore)
* to a JKS format keystore, which could be used in JSSE(Although JSSE has
* a tool to recognize PKCS12, internally it's using JKS format).
*/
import java.security.KeyStore;
import java.security.Key;
import java.security.cert.Certificate;
import java.io.*;
import java.util.*;
public class ConvertPKCS12ToJKS
{
//certificate store format
public static final String PKCS12 = "PKCS12";
public static final String JKS = "JKS";
// PKCS12 keystore properties
public static final String INPUT_KEYSTORE_FILE = "cert/test.pfx"; //"cert/dev_coo1.p12";
public static final String KEYSTORE_PASSWORD = "123456"; //"123";
// JKS output file
public static final String OUTPUT_KEYSTORE_FILE = "cert/test.jks";
public static void main(String[] args)
{
try
{
KeyStore inputKeyStore = KeyStore.getInstance("PKCS12");
FileInputStream fis = new FileInputStream(INPUT_KEYSTORE_FILE);
// If the keystore password is empty(""), then we have to set
// to null, otherwise it won't work!!!
char[] nPassword = null;
if ((KEYSTORE_PASSWORD == null) || KEYSTORE_PASSWORD.trim().equals(""))
{
nPassword = null;
}
else
{
nPassword = KEYSTORE_PASSWORD.toCharArray();
}
inputKeyStore.load(fis, nPassword);
fis.close();
System.out.println("keystore type=" + inputKeyStore.getType());
//----------------------------------------------------------------------
// get a JKS keystore and initialize it.
KeyStore outputKeyStore = KeyStore.getInstance("JKS");
outputKeyStore.load(null, "changeit".toCharArray());
// Now we loop all the aliases, we need the alias to get keys.
// It seems that this value is the "Friendly name" field in the
// detals tab <-- Certificate window <-- view <-- Certificate
// Button <-- Content tab <-- Internet Options <-- Tools menu
// In MS IE 6.
Enumeration enum = inputKeyStore.aliases();
while (enum.hasMoreElements()) // we are readin just one certificate.
{
String keyAlias = (String)enum.nextElement();
System.out.println("alias=[" + keyAlias + "]");
if (inputKeyStore.isKeyEntry(keyAlias))
{
Key key = inputKeyStore.getKey(keyAlias, nPassword);
Certificate[] certChain = inputKeyStore.getCertificateChain(keyAlias);
outputKeyStore.setKeyEntry("dev", key, "changeit".toCharArray(), certChain);
}
}
FileOutputStream out = new FileOutputStream(OUTPUT_KEYSTORE_FILE);
outputKeyStore.store(out, nPassword);
out.close();
}
catch (Exception e)
{
e.printStackTrace();
}
}
}
2242
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
