Last active
August 27, 2019 09:02
-
-
Save ssledz/9faaf74c26f7942a53fbbf7fb05d1683 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # converting java keystore to .pem | |
| # https://www.calazan.com/how-to-convert-a-java-keystore-jks-to-pem-format/ | |
| # https://stackoverflow.com/questions/652916/converting-a-java-keystore-into-pem-format | |
| rm cert* | |
| command apg -m 30 -n 1 > pass.txt | |
| keytool -importkeystore \ | |
| -srckeystore keystore.jks \ | |
| -destkeystore cert.p12 \ | |
| -srcstoretype jks \ | |
| -deststoretype pkcs12 \ | |
| -srcstorepass $(cat keystore-pass.txt) \ | |
| -destkeypass "$(cat pass.txt)" \ | |
| -noprompt \ | |
| -deststorepass "$(cat pass.txt)" | |
| openssl pkcs12 -in cert.p12 -out cert-key.pem -passin pass:$(cat pass.txt) -passout pass:$(cat pass.txt) | |
| openssl dsa -text -in cert-key.pem -passin pass:$(cat pass.txt) > key.pem | |
| openssl x509 -text -in cert-key.pem > cert.pem | |
| # converting trust certificate from .jks to .pem | |
| # https://stackoverflow.com/questions/24343681/how-to-convert-trust-certificate-from-jks-to-pem | |
| rm -f ca.pem | |
| keytool -exportcert \ | |
| -keystore truststore.jks \ | |
| -storepass $(cat truststore-pass.txt) \ | |
| -storetype jks \ | |
| -alias caroot \ | |
| -rfc \ | |
| -file ca.pem | |
| # list all system certs | |
| keytool -keystore /usr/lib/jvm/java-8-oracle/jre/lib/security/cacerts -list -storepass changeit | |
| # import self signed ssl cert `XXX.crt` to system certs | |
| keytool -import -storepass changeit\ | |
| -noprompt \ | |
| -alias xxx.softech.pl \ | |
| -keystore /usr/lib/jvm/java-8-oracle/jre/lib/security/cacerts \ | |
| -trustcacerts \ | |
| -file XXX.crt |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment