Skip to content

Instantly share code, notes, and snippets.

@lengerfulluse

lengerfulluse/common_used_keytoll_cmd.md

Last active August 29, 2015 14:22
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save lengerfulluse/ced34e5201b2ee622b26 to your computer and use it in GitHub Desktop.
Save lengerfulluse/ced34e5201b2ee622b26 to your computer and use it in GitHub Desktop.
Download ZIP
Common used java security certificate create/modify command(openssl, keytool)
Raw
common_used_keytoll_cmd.md

####keytool

  1. To Create a New TrustStore
    keytool -import -file C:\cascerts\firstCA.cert -alias firstCA -keystore myTrustStore

  2. To import a cert to a trustStore:
    eytool -import -trustcacerts -file cacert.pem.cer -alias tenpay_ca -keystore wechat-cert.ssl.truststore.jks

  3. List a certs in a trustStore:
    keytool -list -v -keystore $JAVA_HOME/jre/lib/security/cacerts

  4. Import a pfx format certificate into a jks format:
    keytool -importkeystore -srckeystore mypfxfile.pfx -srcstoretype pkcs12 -destkeystore clientcert.jks -deststoretype JKS

  5. Change a keystore password:
    Keytool -storepasswd -keystore my.keystore

  6. Change the key's password:
    keytool -keypasswd -alias <key_name> -keystore my.keystore

####openssl 公私钥

  1. 从pem证书中导出公钥: openssl x509 -pubkey -noout -in cert.pem > pubkey.pem

  2. 从RSA私钥中导出公钥: openssl rsa -in key.pem -pubout -out pubkey.pem

  3. 从老的RSA私钥格式(Begin Private Key)转换到新的RSA私钥格式(Begin RSA Private Key): openssl rsa -in begin_private_key.key -out begin_rsa_private_key.key

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment