提取证书及证书密钥

.p12

提取证书

 openssl pkcs12 -in newkeystore.p12 -nokeys -clcerts -out server-ssl.crt

提取私钥

openssl pkcs12 -nocerts -nodes -in newkeystore.p12 -out server.key

.jks

将.jks文件转为.p12

将.jks文件转为.p12(PKCS12格式证书库),之后提取过程和.p12一致

keytool -importkeystore -srckeystore C:\Users\14784\Desktop\xzhongwei\SHA256withRSA_xzhongwei.com.jks  -destkeystore server-pkcs12.p12 -deststoretype PKCS12

常见证书转换

1.p12格式转化成pem格式,这里面包含证书和钥匙(格式转化时,需要输入证书的提取密码)
openssl pkcs12 -in  cert.p12 -out bea.pem -nodes
2.仅提取证书(所有证书)
openssl pkcs12 -in cert.p12 -nokeys -out bea.pem
openssl pkcs12 -in server.p12 -password pass:111111 -nokeys -out cert.pem
3.仅提取server证书(提取证书时需要输入密码)
openssl pkcs12 -in cert.p12 -nokeys -clcerts -out bea.pem
openssl pkcs12 -in cert.p12 -password pass:111111 -nokeys -clcerts -out cert.pem 
4.仅提取ca证书(提取证书时需要输入密码)
openssl pkcs12 -in cert.p12 -nokeys -cacerts -out bea.pem
openssl pkcs12 -in cert.p12  -password pass:111111 -nokeys -cacerts -out cert.pem 
5.提取私钥(不加密-nodes)
openssl pkcs12 -in cert.p12 -nocerts -nodes -out bea.key
openssl pkcs12 -in cert.p12 -password pass:111111 -passout pass:111111 -nocerts -out key.pem

评论

Your browser is out-of-date!

Update your browser to view this website correctly. Update my browser now

×