//生成服务端的jks
keytool -genkey -alias server -keypass 123456 -keyalg RSA -keysize 2048 -validity 365 -keystore ./server.jks -storepass 123456 -dname "CN=server"
//生成客户端的jks
keytool -genkey -alias client -keypass 123456 -keyalg RSA -keysize 2048 -validity 365 -keystore ./client.jks -storepass 123456 -dname "CN=client"
//导出公钥cer
keytool -alias server -export -keystore ./server.jks -file ./server.cer
//查看公钥的内容
keytool -printcert -file ./server.cer
//把公钥导入客户端的jks
keytool -import -trustcacerts -alias server -file server.cer -keystore ./client.jks -storepass 123456
//查看秘钥仓库的秘钥和证书
keytool -list -v -keystore ./client.jks
//删除证书
keytool -delete -keystore ./client.jks -alias server
//如果需要导出公匙。则使用下面的命令,可以查看公钥私钥,也可拷贝出来
keytool -list -rfc --keystore ./server.jks | openssl x509 -inform pem -pubkey
网友评论