不想存儲p12證書內容,只想存儲證書密鑰,可通過以下2種方式實現
一、通過java讀取證書的密鑰出來:
1 package com.zat.ucop.service.util; 2 3 import org.apache.commons.codec.binary.Base64; 4 5 import java.io.FileInputStream; 6 import java.io.IOException; 7 import java.security.*; 8 import java.security.cert.Certificate; 9 import java.security.cert.CertificateException; 10 import java.util.Enumeration; 11 12 /** 13 * 讀取P12格式證書的密鑰. 14 * 15 * @author weixiong.cao 16 * @date 2019/4/3 17 */ 18 public class ReadP12Demo { 19 20 public static void main(String[] args) throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException { 21 String keyStorePath = "E:/client_01.p12"; 22 String password = "123456"; 23 24 // 實例化密鑰庫,默認JKS類型 25 KeyStore ks = KeyStore.getInstance("PKCS12"); 26 // 獲得密鑰庫文件流 27 FileInputStream is = new FileInputStream(keyStorePath); 28 // 加載密鑰庫 29 ks.load(is, password.toCharArray()); 30 // 關閉密鑰庫文件流 31 is.close(); 32 33 //私鑰 34 Enumeration aliases = ks.aliases(); 35 String keyAlias = null; 36 if (aliases.hasMoreElements()){ 37 keyAlias = (String)aliases.nextElement(); 38 System.out.println("p12's alias----->"+keyAlias); 39 } 40 PrivateKey privateKey = (PrivateKey) ks.getKey(keyAlias, password.toCharArray()); 41 String privateKeyStr = Base64.encodeBase64String(privateKey.getEncoded()); 42 System.out.println("私鑰------------->" + privateKeyStr); 43 44 //公鑰 45 Certificate certificate = ks.getCertificate(keyAlias); 46 String publicKeyStr = Base64.encodeBase64String(certificate.getPublicKey().getEncoded()); 47 System.out.println("公鑰------------->"+publicKeyStr); 48 } 49 }
二、通過openssl命令讀取
進入linux控制臺,輸入以下命令
openssl pkcs12 -in ./client_01.p12 -nocerts -nodes -out ./priKey.prikey
會在指定目錄下生成1個priKey.prikey,我們在提取裏面的內容:
