keystore to openssl .
java -jar ExportPrivateKey.zip {keystore_path} JKS {keystore_password} {alias} {target_file}
This would export the key to PKCS #8 PEM format. Now run openssl to convert it to the format apache modssl expects the file in
openssl pkcs8 -inform PEM -nocrypt -in exported-pkcs8.key -out exported.key
The java code for exporting the private key in PKCS #8 format
1.
import java.io.File;
2.
import java.io.FileInputStream;
3.
import java.io.FileWriter;
4.
import java.security.Key;
5.
import java.security.KeyPair;
6.
import java.security.KeyStore;
7.
import java.security.KeyStoreException;
8.
import java.security.NoSuchAlgorithmException;
9.
import java.security.PrivateKey;
10.
import java.security.PublicKey;
11.
import java.security.UnrecoverableKeyException;
12.
import java.security.cert.Certificate;
13.
14.
import sun.misc.BASE64Encoder;
15.
16.
public class ExportPrivateKey {
17.
private File keystoreFile;
18.
private String keyStoreType;
19.
private char[] password;
20.
private String alias;
21.
private File exportedFile;
22.
23.
public static KeyPair getPrivateKey(KeyStore keystore, String alias, char[] password) {
24.
try {
25.
Key key=keystore.getKey(alias,password);
26.
if(key instanceof PrivateKey) {
27.
Certificate cert=keystore.getCertificate(alias);
28.
PublicKey publicKey=cert.getPublicKey();
29.
return new KeyPair(publicKey,(PrivateKey)key);
30.
}
31.
} catch (UnrecoverableKeyException e) {
32.
} catch (NoSuchAlgorithmException e) {
33.
} catch (KeyStoreException e) {
34.
}
35.
return null;
36.
}
37.
38.
public void export() throws Exception{
39.
KeyStore keystore=KeyStore.getInstance(keyStoreType);
40.
BASE64Encoder encoder=new BASE64Encoder();
41.
keystore.load(new FileInputStream(keystoreFile),password);
42.
KeyPair keyPair=getPrivateKey(keystore,alias,password);
43.
PrivateKey privateKey=keyPair.getPrivate();
44.
String encoded=encoder.encode(privateKey.getEncoded());
45.
FileWriter fw=new FileWriter(exportedFile);
46.
fw.write(“—–BEGIN PRIVATE KEY—–\n“);
47.
fw.write(encoded);
48.
fw.write(“\n“);
49.
fw.write(“—–END PRIVATE KEY—–”);
50.
fw.close();
51.
}
52.
53.
54.
public static void main(String args[]) throws Exception{
55.
ExportPrivateKey export=new ExportPrivateKey();
56.
export.keystoreFile=new File(args[0]);
57.
export.keyStoreType=args[1];
58.
export.password=args[2].toCharArray();
59.
export.alias=args[3];
60.
export.exportedFile=new File(args[4]);
61.
export.export();
62.
}
63.
}
虽然有错 ,, 还是记录下~!
,, 居然 搞出来是 空指针错误,,
KeyPair keyPair=getPrivateKey(keystore,alias,password);
PrivateKey privateKey=keyPair.getPrivate();
这里读取不到,,
还有Keystore Explorer 这个工具 是可以出私钥的。
大家可以试试。 找到你的 keystore 文件就可以了。
java -jar ExportPrivateKey.zip {keystore_path} JKS {keystore_password} {alias} {target_file}
This would export the key to PKCS #8 PEM format. Now run openssl to convert it to the format apache modssl expects the file in
openssl pkcs8 -inform PEM -nocrypt -in exported-pkcs8.key -out exported.key
The java code for exporting the private key in PKCS #8 format
1.
import java.io.File;
2.
import java.io.FileInputStream;
3.
import java.io.FileWriter;
4.
import java.security.Key;
5.
import java.security.KeyPair;
6.
import java.security.KeyStore;
7.
import java.security.KeyStoreException;
8.
import java.security.NoSuchAlgorithmException;
9.
import java.security.PrivateKey;
10.
import java.security.PublicKey;
11.
import java.security.UnrecoverableKeyException;
12.
import java.security.cert.Certificate;
13.
14.
import sun.misc.BASE64Encoder;
15.
16.
public class ExportPrivateKey {
17.
private File keystoreFile;
18.
private String keyStoreType;
19.
private char[] password;
20.
private String alias;
21.
private File exportedFile;
22.
23.
public static KeyPair getPrivateKey(KeyStore keystore, String alias, char[] password) {
24.
try {
25.
Key key=keystore.getKey(alias,password);
26.
if(key instanceof PrivateKey) {
27.
Certificate cert=keystore.getCertificate(alias);
28.
PublicKey publicKey=cert.getPublicKey();
29.
return new KeyPair(publicKey,(PrivateKey)key);
30.
}
31.
} catch (UnrecoverableKeyException e) {
32.
} catch (NoSuchAlgorithmException e) {
33.
} catch (KeyStoreException e) {
34.
}
35.
return null;
36.
}
37.
38.
public void export() throws Exception{
39.
KeyStore keystore=KeyStore.getInstance(keyStoreType);
40.
BASE64Encoder encoder=new BASE64Encoder();
41.
keystore.load(new FileInputStream(keystoreFile),password);
42.
KeyPair keyPair=getPrivateKey(keystore,alias,password);
43.
PrivateKey privateKey=keyPair.getPrivate();
44.
String encoded=encoder.encode(privateKey.getEncoded());
45.
FileWriter fw=new FileWriter(exportedFile);
46.
fw.write(“—–BEGIN PRIVATE KEY—–\n“);
47.
fw.write(encoded);
48.
fw.write(“\n“);
49.
fw.write(“—–END PRIVATE KEY—–”);
50.
fw.close();
51.
}
52.
53.
54.
public static void main(String args[]) throws Exception{
55.
ExportPrivateKey export=new ExportPrivateKey();
56.
export.keystoreFile=new File(args[0]);
57.
export.keyStoreType=args[1];
58.
export.password=args[2].toCharArray();
59.
export.alias=args[3];
60.
export.exportedFile=new File(args[4]);
61.
export.export();
62.
}
63.
}
虽然有错 ,, 还是记录下~!
,, 居然 搞出来是 空指针错误,,
KeyPair keyPair=getPrivateKey(keystore,alias,password);
PrivateKey privateKey=keyPair.getPrivate();
这里读取不到,,
还有Keystore Explorer 这个工具 是可以出私钥的。
大家可以试试。 找到你的 keystore 文件就可以了。