_windwalker_ (_windwalker_) wrote,
_windwalker_
_windwalker_

Openssl <-> keytool interop

Технические подробности на память


keytool -genkeypair -keysize 2048 -alias provider1 -keyalg RSA -keystore test.jks

keytool -exportcert -file test.cert -keystore test.jks -alias provider1

keytool -importcert -file test.cert -alias public_provider1 -keystore public.jks

Кусок кода, что экспортирует private key из keystore в формате, понятном для openssl pkcs8:

String password="change me";
KeyStore privateStore = KeyStore.getInstance(KeyStore.getDefaultType());
privateStore.load(getClass().getResourceAsStream("/test.jks"), password.toCharArray());
Key key = privateStore.getKey(privateKeyAlias, password.toCharArray());
FileOutputStream fos = new FileOutputStream (new File("./"+privateKeyAlias+".pkcs8"));
fos.write(key.getEncoded());
fos.close();


Первод ключа из pkcs8 в формат, понятный для openssl (формат pem):

openssl pkcs8 -nocrypt -inform der -in provider1.pkcs8 -outform pem -out provider1.pem
Tags: java
Subscribe
  • Post a new comment

    Error

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

    When you submit the form an invisible reCAPTCHA check will be performed.
    You must follow the Privacy Policy and Google Terms of use.
  • 2 comments