• ECC加密证书与RSA证书

    linux生成ECC证书

    openssl ecparam -out EccCA.key -name prime256v1 -genkey
openssl req -config openssl.cnf -key EccCA.key -new -out EccCA.req 
openssl x509 -req -in EccCA.req -signkey EccCA.key -out EccCA.pem   //生成根证书
openssl ecparam -out EccSite.key -name prime256v1 -genkey
openssl req -config openssl.cnf -key EccSite.key -new -out EccSite.req
openssl x509 -req -in EccSite.req -CA EccCA.pem -CAkey EccCA.key -out EccSite.pem -CAcreateserial //使用根证书签名的证书

    pem证书转p12证书

    openssl pkcs12 -export -inkey EccSite.key -in EccSite.pem -passin pass:123456 -passout pass:123456 -out EccSite.p12

    windows jdk自带keytool生成pfx证书:

    执行命令
    keytool -genkey
    -alias test --别名
    -keypass 123123 --私钥密码
    -keyalg RSA --算法
    -sigalg sha256withrsa --算法小类
    -keysize 1024 --密钥长度
    -validity 365 --有效期
    -keystore d:/test.jks --生成路径
    -storepass 123123 --主密码

    即:

    keytool -genkey -alias czz -keypass 123123 -keyalg RSA -sigalg sha256withrsa -keysize 1024 -validity 365 -keystore d:/czz.jks -storepass 123123

    将生成的jks转成pfx证书

    package com.jdwa.util;

import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.util.Enumeration;

public class JKS2PFX {
    private static final String KEYSTORE_PASSWORD = "12345678";

    private static void coverToPfx() {
        try {
            KeyStore inputKeyStore = KeyStore.getInstance("JKS");
            FileInputStream fis = new FileInputStream("D://czz.jks");
            char[] nPassword = null;
            if ((KEYSTORE_PASSWORD == null)
                    || KEYSTORE_PASSWORD.trim().equals("")) {
                nPassword = null;
            } else {
                nPassword = KEYSTORE_PASSWORD.toCharArray();
            }

            inputKeyStore.load(fis, nPassword);
            fis.close();

            KeyStore outputKeyStore = KeyStore.getInstance("PKCS12");
            outputKeyStore.load(null, KEYSTORE_PASSWORD.toCharArray());

            Enumeration enums = inputKeyStore.aliases();
            while (enums.hasMoreElements()) {
                String keyAlias = (String) enums.nextElement();
                System.out.println("alias=[" + keyAlias + "]");
                if (inputKeyStore.isKeyEntry(keyAlias)) {
                    Key key = inputKeyStore.getKey(keyAlias, nPassword);
                    Certificate[] certChain = inputKeyStore
                            .getCertificateChain(keyAlias);
                    outputKeyStore.setKeyEntry(keyAlias, key, KEYSTORE_PASSWORD
                            .toCharArray(), certChain);
                }
            }
            FileOutputStream out = new FileOutputStream("D://czz.pfx");
            outputKeyStore.store(out, nPassword);
            out.close();
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
    public static void main(String[] args) {
        coverToPfx();
    }
}
    欢迎大家可以关注我的微信公众号,方便利用零碎时间互相交流。共勉!

    路漫漫其修远兮,吾将上下而求索。。。
  • 相关阅读:
    UML类图(上):类、继承和实现
    Maven实战:Maven生命周期
    MyBatis6:MyBatis集成Spring事物管理(下篇)
    MyBatis5:MyBatis集成Spring事务管理(上篇)
    Spring7:基于注解的Spring MVC(下篇)
    Spring6:基于注解的Spring MVC(上篇)
    Spring5:@Autowired注解、@Resource注解和@Service注解
    Dubbo学习小记
    Maven入门详解
    MyBatis4:动态SQL
  • 原文地址:https://www.cnblogs.com/caozz/p/cert.html
Copyright © 2020-2023  润新知