####keytool
-
To Create a New TrustStore
keytool -import -file C:\cascerts\firstCA.cert -alias firstCA -keystore myTrustStore -
To import a cert to a trustStore:
eytool -import -trustcacerts -file cacert.pem.cer -alias tenpay_ca -keystore wechat-cert.ssl.truststore.jks -
List a certs in a trustStore:
keytool -list -v -keystore $JAVA_HOME/jre/lib/security/cacerts -
Import a pfx format certificate into a jks format:
keytool -importkeystore -srckeystore mypfxfile.pfx -srcstoretype pkcs12 -destkeystore clientcert.jks -deststoretype JKS -
Change a keystore password:
Keytool -storepasswd -keystore my.keystore -
Change the key's password:
keytool -keypasswd -alias <key_name> -keystore my.keystore
####openssl 公私钥
-
从pem证书中导出公钥: openssl x509 -pubkey -noout -in cert.pem > pubkey.pem
-
从RSA私钥中导出公钥: openssl rsa -in key.pem -pubout -out pubkey.pem
-
从老的RSA私钥格式(Begin Private Key)转换到新的RSA私钥格式(Begin RSA Private Key): openssl rsa -in begin_private_key.key -out begin_rsa_private_key.key