一:打开cmd命令行
1.1命令:keytool -genkey -validity 2 -alias www.xxx.cn -keyalg RSA -keysize 2048 -keystore d:\xxx.keystore -startdate 2024/08/18
-validity 2 有效期两天
-startdate 2024/08/18 从2024.08.18开始
-keystore d:\xxx.keystore 保存到d盘
1.2命令:keytool -export -keystore d:\xxx.keystore -alias www.xxx.cn -file d:\xxx.cer -rfc
二:Java代码
public static final String KEY_STORE = "JKS"; public static final String X509 = "X.509"; private static String password = "xxxxxx"; private static String alias = "www.xxx.cn"; private String certificatePath = "d:/xxx.cer"; private static String keyStorePath = "d:/xxx.keystore";
public static void main(String[] args) { try { FileInputStream fis = new FileInputStream(new File(certificatePath )); CertificateFactory cf = CertificateFactory.getInstance(X509); X509Certificate cert = (X509Certificate) cf.generateCertificate(fis); fis.close(); //获取证书日期 Date date = cert.getNotAfter(); System.out.println(new SimpleDateFormat("yyyy-MM-dd").format(date)); //获取证书公钥 PublicKey publicKey = cert.getPublicKey(); //验证证书真伪 if (zhen(publicKey)) { System.out.println("证zhen"); }else{ System.out.println("证jia"); } //验证证书有效期 cert.checkValidity();// 验证证书有效期 System.out.println("证书有效期验证通过。"); } catch (Exception e) { System.out.println("证书已过期或验证失败。"); //e.printStackTrace(); } }
public static boolean zhen(PublicKey publicKey) { boolean boo = true; try { KeyStore ks = getKeyStore(keyStorePath, password); Certificate certificate = ks.getCertificate(alias); try { certificate.verify(publicKey); } catch (Exception e) { boo = false; } } catch (Exception e) { boo = false; } return boo; }
private static KeyStore getKeyStore(String keyStorePath, String password) throws Exception { FileInputStream is = new FileInputStream(keyStorePath); KeyStore ks = KeyStore.getInstance(KEY_STORE); ks.load(is, password.toCharArray()); is.close(); return ks; }