将提供者的JCEKS密钥转换为另一个提供者的另一个商店 [英] Convert a key of JCEKS of a provider into another store for another provider

问题描述

我有一个使用SUN PROVIDER创建的密钥库JCEKS。

I have a keystore JCEKS create with the SUN PROVIDER.

我必须在没有SUN PROVIDER的IBM JDK上使用同一个商店。如何使用keytool转换密钥库或导出密钥，以便让IBM JDK访问密钥库中的密钥？

I have to use the same store on a IBM JDK that doesn't have the SUN PROVIDER. How can i convert the keystore or export the key using keytool in order to let the IBM JDK to access the key in the keystore?

推荐答案

您可以将IBMJCE与使用SunJCE创建的JCEKS密钥库一起使用。有可能使用keytool为密钥库提供了密码，也为securekey本身提供了单独的密码。使用keyman IBM Key Manager或您自己的类与IBMJCE一起从JCEKS获取安全密钥时，您可能会收到com.sun.crypto.provider.SealedObjectForKeyProtector错误。解决方案是将密钥库和安全密钥的密码设置为相同的值。

You can use the IBMJCE with a JCEKS keystore created using SunJCE. It might be possible that using keytool a password was provided for both the keystore as well as a separate password for the securekey itself. When using keyman IBM Key Manager or your own classes with the IBMJCE to get the secure key from the JCEKS you may get com.sun.crypto.provider.SealedObjectForKeyProtector error. The solution is to set the password for the keystore and the securekey to the same value.

这篇关于将提供者的JCEKS密钥转换为另一个提供者的另一个商店的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！