Java 如何从密钥库导出 .key 和 .crt
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/23087537/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to export .key and .crt from keystore
提问by Dusean Singh
When I was building android app on development machine, I was required to have SSL certificate for app so I generated a keystore with keytool for Tomcat. I extracted the cert from keystore and put it into .bks for using android, and all went well.
当我在开发机器上构建 android 应用程序时,我需要有应用程序的 SSL 证书,所以我用 Tomcat 的 keytool 生成了一个密钥库。我从密钥库中提取了证书并将其放入 .bks 以使用 android,一切顺利。
Now we have to shift all server-side code to server which required Apache HTTP and Tomcat. Apache HTTP SSL requires .key and .crt files and I cannot find a way to export .key and .crt file from the keystore
现在我们必须将所有服务器端代码转移到需要 Apache HTTP 和 Tomcat 的服务器上。Apache HTTP SSL 需要 .key 和 .crt 文件,我找不到从密钥库导出 .key 和 .crt 文件的方法
Can anyone help with this? I found that you can generate .crt from .pem
有人能帮忙吗?我发现你可以从 .pem 生成 .crt
openssl x509 -outform der -in your-cert.pem -out your-cert.crt
But how can i get .key file?
但是我怎样才能得到 .key 文件呢?
采纳答案by hoaz
Keytool (available in JDK) allows you to export certificates to a file:
Keytool(在 JDK 中可用)允许您将证书导出到文件:
keytool -exportcert -keystore [keystore] -alias [alias] -file [cert_file]
To export regular keys you should use -importkeystore command (surprise):
要导出常规密钥,您应该使用 -importkeystore 命令(惊喜):
keytool -importkeystore -srckeystore [keystore] -destkeystore [target-keystore] -deststoretype PKCS12
回答by vishy dewangan
You can create new set of key and self signed certificate using filling steps: 1. Creation of key and certificate signing request: openssl req -newkey rsa:2048 -out cert.csr -keyout cert.key 2. Creation of pem openssl x509 -req -signkey cert.key -in cert.csr -out cert.pem
您可以使用填写步骤创建一组新的密钥和自签名证书: 1. 创建密钥和证书签名请求:openssl req -newkey rsa:2048 -out cert.csr -keyout cert.key 2. 创建 pem openssl x509 - req -signkey cert.key -in cert.csr -out cert.pem
