ECC加密证书与RSA证书 linux生成ECC证书 pem证书转p12证书 windows jdk自带keytool生成pfx证书:
openssl ecparam -out EccCA.key -name prime256v1 -genkey
openssl req -config openssl.cnf -key EccCA.key -new -out EccCA.req
openssl x509 -req -in EccCA.req -signkey EccCA.key -out EccCA.pem //生成根证书
openssl ecparam -out EccSite.key -name prime256v1 -genkey
openssl req -config openssl.cnf -key EccSite.key -new -out EccSite.req
openssl x509 -req -in EccSite.req -CA EccCA.pem -CAkey EccCA.key -out EccSite.pem -CAcreateserial //使用根证书签名的证书
pem证书转p12证书
openssl pkcs12 -export -inkey EccSite.key -in EccSite.pem -passin pass:123456 -passout pass:123456 -out EccSite.p12
windows jdk自带keytool生成pfx证书:
执行命令keytool -genkey
-alias test --别名
-keypass 123123 --私钥密码
-keyalg RSA --算法
-sigalg sha256withrsa --算法小类
-keysize 1024 --密钥长度
-validity 365 --有效期
-keystore d:/test.jks --生成路径
-storepass 123123 --主密码
即:
keytool -genkey -alias czz -keypass 123123 -keyalg RSA -sigalg sha256withrsa -keysize 1024 -validity 365 -keystore d:/czz.jks -storepass 123123
将生成的jks转成pfx证书
package com.jdwa.util;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.util.Enumeration;
public class JKS2PFX {
private static final String KEYSTORE_PASSWORD = "12345678";
private static void coverToPfx() {
try {
KeyStore inputKeyStore = KeyStore.getInstance("JKS");
FileInputStream fis = new FileInputStream("D://czz.jks");
char[] nPassword = null;
if ((KEYSTORE_PASSWORD == null)
|| KEYSTORE_PASSWORD.trim().equals("")) {
nPassword = null;
} else {
nPassword = KEYSTORE_PASSWORD.toCharArray();
}
inputKeyStore.load(fis, nPassword);
fis.close();
KeyStore outputKeyStore = KeyStore.getInstance("PKCS12");
outputKeyStore.load(null, KEYSTORE_PASSWORD.toCharArray());
Enumeration enums = inputKeyStore.aliases();
while (enums.hasMoreElements()) {
String keyAlias = (String) enums.nextElement();
System.out.println("alias=[" + keyAlias + "]");
if (inputKeyStore.isKeyEntry(keyAlias)) {
Key key = inputKeyStore.getKey(keyAlias, nPassword);
Certificate[] certChain = inputKeyStore
.getCertificateChain(keyAlias);
outputKeyStore.setKeyEntry(keyAlias, key, KEYSTORE_PASSWORD
.toCharArray(), certChain);
}
}
FileOutputStream out = new FileOutputStream("D://czz.pfx");
outputKeyStore.store(out, nPassword);
out.close();
} catch (Exception e) {
e.printStackTrace();
}
}
public static void main(String[] args) {
coverToPfx();
}
}
欢迎大家可以关注我的微信公众号,方便利用零碎时间互相交流。共勉!
路漫漫其修远兮,吾将上下而求索。。。