如何从cer文件创建密钥库 [英] How to create keystore from cer files
问题描述
我有从cer文件创建密钥库的问题。我有三个文件:
- NameCertyfikat2015.cer
- NameIntermediateCA.cer
- NamePrivateKey.txt
我想要获得jks keystore文件,我该如何使用keytool?
我需要用于wildfly容器的文件
我的NamePrivateKey.txt以
开头----- BEGIN RSA PRIVATE KEY -----
ADDED 4/21:找到重复项:
keytool
不会直接处理私钥。
正常过程是:
- code> keytool -genkeypair 中的privatekey和publickey
-
keytool -certreq
从 生成CSR - 将CSR(和相关证据)发送给CA以获取证书
-
keytool -importcert
将证书加上任何所需的中间或链证书, $ 如果您没有JKS的私钥,但您的PrivateKey.txt文件包含可以由openssl使用的格式的私钥 - 以 - NameCertyfikat2015.cer
- NameIntermediateCA.cer
- NamePrivateKey.txt
- How can i create keystore from an existing certificate (abc.crt) and abc.key files?
- convert certificate from pem into jks
- importing an existing x509 certificate and private key in Java keystore to use in ssl
keytool -genkeypair
the privatekey and publickey in a JKSkeytool -certreq
generate a CSR from that keypair- send the CSR (and related evidence) to a CA to get a certificate
keytool -importcert
the certificate, plus any needed intermediate or "chain" certficate(s), into the same JKS
----- BEGIN
行开头,后跟一些base64行和匹配的 ----- END
行,如果是这样,以BEGIN命名的类型是什么? - 你有或者有openssl,你可以使用openssl将privatekey和相关证书合并到一个 PKCS#12 文件中,然后 keytool
可以将PKCS#12转换为JKS,如下所示: keytool -importkeystore -srckeystore p12file -srcstoretype pkcs12 -destkeystore jksfile
或根据 https://issues.jboss.org/browse/WFLY-3686 (足够近?)Wildfly可以使用PKCS12密钥库(而不是 的JKS)。
编辑4/21:openssl pkcs12
实用程序的文档位于系统如果安装了OpenSSL(通常为第1ssl或类似部分)为Unix,或者在 https://www.openssl.org/docs/apps/pkcs12.html#FILE-CREATION-OPTIONS ,或在上面的副本中,或也将CERT / PEM证书转换为PFX证书
I have got problem with creation keystore from cer files. I have got three files :
And i wanna to get jks keystore file, how can i do this using keytool ? I need that file for wildfly container
My NamePrivateKey.txt start with -----BEGIN RSA PRIVATE KEY-----
ADDED 4/21: Found duplicates:
keytool
does not handle private keys directly.
The normal process is:
If you don't have the JKS with the privateKey in it, but your PrivateKey.txt file contains the private key in a format usable by openssl -- does it begin with a -----BEGIN
line followed by some lines of base64 and a matching -----END
line and if so what is the type named after BEGIN? -- and you have or get openssl, you can use openssl to combine the privatekey and the related certs into a PKCS#12 file, and then keytool
can convert the PKCS#12 to a JKS like this:
keytool -importkeystore -srckeystore p12file -srcstoretype pkcs12 -destkeystore jksfile
Or according to https://issues.jboss.org/browse/WFLY-3686 (sufficiently recent?) Wildfly can use a PKCS12 keystore as-is (instead of JKS).
EDIT 4/21: Documentation for the openssl pkcs12
utility is in a man page on your system if Unix-like with OpenSSL installed (typically section 1ssl or similar), or online at https://www.openssl.org/docs/apps/pkcs12.html#FILE-CREATION-OPTIONS, or in the duplicates above, or also Convert a CERT/PEM certificate to a PFX certificate
这篇关于如何从cer文件创建密钥库的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!