之前的link已經不見了 所以重新update一下
http://en.wikipedia.org/wiki/PKCS
java的keystore(jks)算是pkcs12的部分
但由於jks是sun的proprietary的format
所以openssl沒法處理jks 要先把他轉成pkcs12再用keytool來轉
首先要先把 private key (pkcs8) 從DER format轉成PEM format
openssl pkcs8 -inform DER -nocrypt -in platform.pk8 -out platform.pem
然後要把private key 跟public key 轉成pkcs12
openssl pkcs12 -export -in platform.x509.pem -inkey platform.pem -out platform.pkcs12
最後用keytool把他轉成jks
keytool -importkeystore -srckeystore platform.pkcs12 -srcstoretype pkcs12 -srcstorepass android -destkeystore platform.jks -deststoretype jks -deststorepass PASSWORD
注意的是 產生的alias是1 還不知道怎麼改alias就是了.......
keytool -list -keystore platform.jks -storetype jks -storepass PASSWORDKeystore type: JKS
Keystore provider: SUN
Your keystore contains 1 entry
1, Jan 18, 2011, PrivateKeyEntry,
Certificate fingerprint (MD5): 8D:DB:34:2F:2D:A5:40:84:02:D7:56:8A:F2:1E:29:F9在build.properties 加上key.store=platform.jks
key.alias=1
最後 ant release 再打上PASSWORD就好了
2011.06.13===== java keystore to certificate + private =========keytool -export -alias 1 -keystore platform.jks -file exported-der.crtopenssl x509 -in exported-der.crt -inform der > platform.x509.pem 就變回原來的x509 certificate
至於private key目前查到的結果都是keytool沒辦法export private key都要另外下載個ExportedPriv.java來作export的動作
Reference :http://conshell.net/wiki/index.php/OpenSSL_to_Keytool_Conversion_tipshttp://conshell.net/wiki/index.php/Keytool_to_OpenSSL_Conversion_tips
http://www.herongyang.com/crypto/Key_Formats_PKCS8_PKCS12_4.html
1 comment:
Undeniably imagine that that you stated. Your favourite justification seemed to be at the net the easiest factor to bear in mind of.
I say to you, I certainly get irked whilst other folks think
about concerns that they plainly don't know about. You managed to hit the nail upon the top and outlined out the whole thing without having side-effects , folks could take a signal. Will probably be again to get more. Thanks
Feel free to visit my web-site cellulite treatment
Post a Comment