lets-encrypt-certificates转keystore
-
Create a PKCS12 file containing full chain and private key
openssl pkcs12 -export -in fullchain.pem -inkey privkey.pem -out pkcs.p12 -name NAME -
Convert PKCS12 to Keystore
The STORE_PASS is the password which was entered in step 2) as a password for the pkcs12 file.
keytool -importkeystore -deststorepass PASSWORD_STORE -destkeypass PASSWORD_KEYPASS -destkeystore keystore.jks -srckeystore pkcs.p12 -srcstoretype PKCS12 -srcstorepass STORE_PASS -alias NAME
If you happen to get a java.io.IOException: failed to decrypt safe contents entry: javax.crypto.BadPaddingException: Given final block not properly padded, you have probably forgotten to enter the correct password from step 2.
pfx证书转jks
cmd到jdk的bin下
keytool -importkeystore -srckeystore mycert.pfx -srcstoretype pkcs12 -destkeystore mycert.jks -deststoretype JKS
mycert.pfx是转前的pfx
mycert.jks是转后的
RSA加密:java.security.spec.InvalidKeySpecException DerInputStream.getLength(): lengthTag=111, too big.
解决办法:
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-resources-plugin</artifactId>
<configuration>
<encoding>UTF-8</encoding>
<!-- 过滤后缀为pem、pfx、p12、dat的证书文件 -->
<nonFilteredFileExtensions>
<nonFilteredFileExtension>pem</nonFilteredFileExtension>
<nonFilteredFileExtension>pfx</nonFilteredFileExtension>
<nonFilteredFileExtension>p12</nonFilteredFileExtension>
<nonFilteredFileExtension>dat</nonFilteredFileExtension>
</nonFilteredFileExtensions>
</configuration>
</plugin>
网友评论