Shulou(Shulou.com)06/01 Report--

This article mainly explains "how to use Java to produce jks certificate". The content of the article is simple and clear, and it is easy to learn and understand. Please follow the editor's train of thought to study and learn "how to use Java to produce jks certificate".

Create a self-signed ssl certificate

Download the openssl software:

Set environment variabl

Enter the openssl installation directory:

Set OPENSSL_CONF=d:\ openssl\ OpenSSL-Win64\ bin\ openssl.cfg

Go to the bin directory of openssl and right-click openssl.exe to run it as an administrator

Note: be sure to run as an administrator

Use the openssl tool to generate a RSA private key

Generate a 2048-bit RSA key. After out, you can write the path. The default is the current directory.

Genrsa-des3-out server.key 2048

You need to enter a password of at least 4 digits and a confirmation password.

Generate CSR (Certificate signing request) req-new-key server.key-out server.csr

You need to enter country, region, city, organization, organizational unit, Common Name and Email in turn. Among them, Common Name can write its own name or domain name. If you want to support https,Common Name, it should be consistent with the domain name, otherwise it will cause browser warning.

Delete the password in the private key. In the process of creating the private key in step 1, a password must be specified. This password will have a side effect, that is, every time Apache starts the Web server, it will ask for a password, which is obviously very inconvenient. To delete the password in the private key.

Rsa-in server.key-out server_no_passwd.key

Generate a self-signed certificate

X509-req-days 365-in server.csr-signkey server_no_passwd.key-out server.crt

The server.crt we get is the SSL certificate we need. Crt contains information about the holder of the certificate, the public key of the holder, and the signature of the signer. When the user installs the certificate, it means that he trusts the certificate and has the public key in it.

Second, use the keytool generation of JAVA

Jdk version-JDK1.6 above

1. Enter the installation bin directory of jdk

Keytool-genkey-alias lck-keypass 123456-keyalg RSA-sigalg sha256withrsa-keysize 2048-validity-keystore d:/lck.jks-storepass 123456

Keytool-genkey-alias lck (alias)

-keypass 123456 (private key password)

-keyalg RSA (algorithm)

-sigalg sha256withrsa (algorithm subclass)

-keysize 2048 (key length)

-validity 365 (valid)

-keystore d:/lck.jks (build path)

-storepass 123456 (master password)

Enter the required:

Thank you for your reading, the above is the content of "how to use Java to produce jks certificate". After the study of this article, I believe you have a deeper understanding of how to use Java to produce jks certificate, and the specific use needs to be verified in practice. Here is, the editor will push for you more related knowledge points of the article, welcome to follow!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.