How to convert trust certificate from .jks to .pem?

前端未结

关注

 2  595

执笔经年 2020-12-31 08:44

I have a Java SSL server to which I want my Java SSL client and C++ SSL client to be able to connect. The Java client connects without issues. Now I want to have my C++ SSL

2条回答

北海茫月 (楼主)

2020-12-31 09:11

Unfortunately keytool explicitly will not let you export from a trust store since they are of the opinion that PEM files do not support the concept of trusted certificate. So I would use the keystore of cer files instead.

From a cer:

openssl x509 -inform der -in serverpub.cer -out serverpub.pem

From a keystore:

keytool -importkeystore -srckeystore server.jks -destkeystore server.p12 -deststoretype PKCS12
openssl pkcs12 -in server.p12 -nokeys -out server.cer.pem
openssl pkcs12 -in server.p12 -nodes -nocerts -out server.key.pem

or just try

keytool -exportcert -alias myserverkeys -keystore serverpub.jks -rfc -file serverpub.pem

0 讨论(0)

查看其它2个回答