oracle 从 .crt 和 .key 文件创建 .jks 是可能的
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/38250271/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Creating a .jks from a .crt and .key file, is that possible
提问by SScotti
I requested a SSL certificate from an authority.
我向权威机构申请了 SSL 证书。
First, I created a .csr and a .key file on my computer and saved those. I sent the .csr and got back a .crt file and other files that I installed on my server.
首先,我在我的电脑上创建了一个 .csr 和一个 .key 文件并保存了它们。我发送了 .csr 并取回了 .crt 文件和我安装在服务器上的其他文件。
All works fine for my Apache server with an SSL connection. However, I would like to be able to use the same certificate for a Tomcat server that I also have running on the system on a different port (Using JIRA). The setup needs a .jks file. Is it possible to generate that from the files that I have?
对于我的带有 SSL 连接的 Apache 服务器,一切正常。但是,我希望能够将相同的证书用于我也在不同端口(使用 JIRA)的系统上运行的 Tomcat 服务器。设置需要一个 .jks 文件。是否可以从我拥有的文件中生成它?
This seems like it might work, but I don't have that utility in my CLASSPATH or cannot find it.
这似乎可行,但我的 CLASSPATH 中没有该实用程序或找不到它。
回答by modulo
You can use openssland keytool
您可以使用openssl和keytool
openssl pkcs12 -export -out domainname.pfx -inkey domainname.key -in domainname.crt -password pass:mypassword
keytool -importkeystore -srckeystore domainname.pfx -srcstoretype pkcs12 -srcalias 1 -srcstorepass mypassword -destkeystore domainname.jks -deststoretype jks -deststorepass mypassword -destalias myalias
Where
在哪里
- domainname.crt is the crtinput file
- domainname.key is the keyinput file
- domainname.pfx is the pkcs12intermediate file
- domainname.jks is the jksoutput file
- mypassword is the passwordof the pkcs12 and the jks files
- myalias is the aliasof the certificate in the jks file
- domainname.crt 是crt输入文件
- domainname.key 是密钥输入文件
- domainname.pfx 是pkcs12中间文件
- domainname.jks 是jks输出文件
- mypassword 是pkcs12 和 jks 文件的密码
- myalias是jks文件中证书的别名
回答by Mike Hardwood
You can convert a PFX from those files:
您可以从这些文件转换 PFX:
openssl pkcs12 -export -out domain.name.pfx -inkey domain.name.key -in domain.name.crt
Then export the jks from the PFX by following this guide:
然后按照本指南从 PFX 导出 jks:
https://blogs.oracle.com/blogbypuneeth/entry/steps_to_create_a_jks1
https://blogs.oracle.com/blogbypuneeth/entry/steps_to_create_a_jks1
