环境:
jdk1.8
window7
cmder
1. 生成证书库 jks(示例口令仅作演示;省略 -keypass / -storepass 时 keytool 会交互式提示输入,口令不会留在命令历史里)
keytool.exe -genkeypair -alias www.bingco.com -keyalg RSA ^
-keysize 2048 -keypass 126321 ^
-sigalg SHA256withRSA ^
-keystore www.bingco.com.jks -storetype JKS ^
-storepass 126321 ^
-validity 365
2. jks转p12
keytool.exe -importkeystore ^
-srckeystore www.bingco.com.jks ^
-destkeystore www.bingco.com.p12 ^
-srcstoretype jks ^
-deststoretype pkcs12
3. p12 转 keystore(即 JKS 格式的密钥库)
keytool.exe -v ^
-importkeystore -srckeystore www.bingco.com.p12 ^
-srcstoretype pkcs12 ^
-destkeystore www.bingco.com.jks ^
-deststoretype jks
>>>>>
JDK 的 keytool 不提供导出私钥的功能,需要使用 openssl 或者自己写代码实现
1.openssl命令导出.crt
openssl pkcs12 -in www.bingco.com.p12 -nokeys -out www.bingco.com.crt
2. openssl 命令导出 .key(-nodes 表示导出的私钥不加密,注意限制该文件的访问权限)
openssl pkcs12 -in www.bingco.com.p12 -nocerts -nodes -out www.bingco.com.key
-----------------------
代码导出
import java.io.Console;
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.util.Base64;
import java.util.HashMap;
import sun.misc.BASE64Encoder;
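/**
 * Command-line helper that loads a JKS keystore and prints one private-key entry as PEM.
 *
 * <p>Usage: {@code java main -path=<keystore> -alias=<alias> [-passwd=<password>]}. The same
 * password is used to open the keystore and to recover the key entry.
 *
 * <p>The key is written to standard output unencrypted, so whatever captures that output
 * (a redirected file, a terminal log) holds the private key in the clear. A password given
 * as {@code -passwd=...} is visible in the process argument list and in shell history;
 * leaving the option out makes the tool prompt for it on the console instead.
 */
public class main {

    /** PEM body lines are wrapped at 64 characters (RFC 7468). */
    private static final int PEM_LINE_LENGTH = 64;

    /** Option names accepted on the command line, each written as {@code -name=value}. */
    private static final String[] OPTION_NAMES = {"path", "alias", "passwd"};

    /**
     * Loads a JKS keystore from disk.
     *
     * @param keyStorePath path of the keystore file
     * @param password keystore password, used for the integrity check on load
     * @return the loaded keystore
     * @throws Exception if the file cannot be opened or the keystore cannot be loaded
     */
    public KeyStore getKeyStore(String keyStorePath, String password) throws Exception {
        KeyStore ks = KeyStore.getInstance("JKS");
        // try-with-resources: the stream is closed even when load() rejects the password.
        try (FileInputStream is = new FileInputStream(keyStorePath)) {
            ks.load(is, password.toCharArray());
        }
        return ks;
    }

    /**
     * Reads the private key named by {@code alias} and prints it to standard output as PEM.
     *
     * @param paramMap must contain {@code path}, {@code alias} and {@code passwd}
     * @return the private key, or {@code null} if anything failed (the stack trace is printed)
     */
    public PrivateKey getPrivateKey(HashMap<String, String> paramMap) {
        try {
            String passwd = paramMap.get("passwd");
            String alias = paramMap.get("alias");
            KeyStore ks = getKeyStore(paramMap.get("path"), passwd);
            PrivateKey key = (PrivateKey) ks.getKey(alias, passwd.toCharArray());
            if (key == null) {
                // getKey() returns null when the alias is absent or is not a key entry.
                throw new IllegalArgumentException("no key entry for alias: " + alias);
            }
            // The PEM label below is only correct for a PKCS#8 encoding, so check it.
            if (!"PKCS#8".equals(key.getFormat())) {
                throw new IllegalStateException("unexpected key encoding: " + key.getFormat());
            }
            // PKCS#8 is labelled "PRIVATE KEY"; "RSA PRIVATE KEY" denotes PKCS#1 and
            // would mislabel these bytes for strict PEM parsers.
            printPem("PRIVATE KEY", key.getEncoded());
            return key;
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    /** Prints {@code der} as a PEM block with the given label, wrapped at 64 characters. */
    private static void printPem(String label, byte[] der) {
        String b64 = Base64.getEncoder().encodeToString(der);
        System.out.println("-----BEGIN " + label + "-----");
        for (int i = 0; i < b64.length(); i += PEM_LINE_LENGTH) {
            System.out.println(b64.substring(i, Math.min(b64.length(), i + PEM_LINE_LENGTH)));
        }
        System.out.println("-----END " + label + "-----");
    }

    /**
     * Parses {@code -path=}, {@code -alias=} and {@code -passwd=} and exports the key.
     *
     * @param args command-line arguments in {@code -name=value} form
     * @throws Exception if an option is malformed or a required option is missing
     */
    public static void main(String[] args) throws Exception {
        HashMap<String, String> paramMap = new HashMap<>();
        for (String arg : args) {
            for (String name : OPTION_NAMES) {
                if (!arg.startsWith("-" + name)) {
                    continue;
                }
                // Split on the first '=' only, so a value (e.g. a password) may contain '='.
                String[] split = arg.split("=", 2);
                if (split.length != 2 || split[1].isEmpty()) {
                    throw new RuntimeException("-" + name + " 参数定义有误: " + arg);
                }
                paramMap.put(name, split[1]);
            }
        }
        for (String required : new String[] {"path", "alias"}) {
            if (!paramMap.containsKey(required)) {
                throw new RuntimeException("缺少必需参数: -" + required);
            }
        }
        if (!paramMap.containsKey("passwd")) {
            // Prompting keeps the password out of the argument list and shell history.
            Console console = System.console();
            char[] typed = console == null ? null : console.readPassword("密钥库口令: ");
            if (typed == null) {
                throw new RuntimeException("缺少必需参数: -passwd");
            }
            paramMap.put("passwd", new String(typed));
        }
        main exec = new main();
        if (exec.getPrivateKey(paramMap) == null) {
            // A failed export must not look like success to the calling script.
            System.exit(1);
        }
    }
}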
javac main.java
java main -path=./www.bingco.com.keystore -alias=www.bingco.com -passwd=126321
创建一个文本文件,粘贴上面的输出内容并保存,如: www.bingco.com.key。
该文件是未加密的私钥,应限制其访问权限。(-path 填写实际的密钥库文件名;上文第 3 步生成的是 www.bingco.com.jks)
-- OVER --