使用openssl生成证书
生成EC证书
openssl ecparam -genkey -name prime256v1 -out eckey.pem
openssl req -new -sha256 -key eckey.pem -subj /C=CN/ST=Shanghai/L=Yangpu/O=Tech./OU=IT/CN=www.xiaoma.cn -out eccsr.csr
openssl req -x509 -sha256 -days 365 -key eckey.pem -in eccsr.csr -out eccert.pem
生成RSA证书
openssl genrsa -out rsa.key
openssl req -new -key rsa.key -nodes -sha256 -subj /C=CN/ST=Shanghai/L=Yangpu/O=Tech./OU=IT/CN=www.xiaoma.cn -out rsa.pem
openssl x509 -in rsa.pem -days 100 -signkey rsa.key -req -sha256 -out rsacert.pem
获取公钥
openssl x509 -in rsa.pem -pubkey
java解析证书为jwk
<dependency>
<groupId>com.nimbusds</groupId>
<artifactId>nimbus-jose-jwt</artifactId>
<version>[ version ]</version>
</dependency>
import com.nimbusds.jose.jwk.JWK;
import com.nimbusds.jose.jwk.JWKSet;
import com.nimbusds.jwt.JWT;
import com.nimbusds.jwt.JWTParser;
import java.security.PrivateKey;
import java.util.List;
public class JWKConver{
private static String privateKeyStr = "";
private static String jwkStr = "";
public static void main(String[] args) throws Exception{
JWK jwk = JWK.parseFromPEMEncodedObjects(privateKeyStr);
System.out.println(jwk);
PrivateKey privateKey = jwk.toRSAKey().toPrivateKey();
System.out.println(jwk.toPublicJWK());
}
}