tomcat  nginx  证书切换

1. 导出公钥
keytool -export -alias tomcat  -keystore <you jks>wsriakey.keystore -file <outputfile>wsriakey.crt
 
 
2. 转化为 pem 格式
openssl x509 -out <outputfilename>wsriakey-pem.crt -outform pem -text -in <some crt you want to use>wsriakey.crt -inform der
 
 
3. 获取私钥
使用Java 代码
git clone https://github.com/joshvette001/java-exportpriv.git
cd java-exportpriv.git
javac ExportPriv.java
java ExportPriv <keystore> <alias> <password> > wsriakey-pkcs8.key
 
 
4. 转换为nginx 支持的证书
openssl pkcs8 -inform PEM -nocrypt -in wsriakey-pkcs8.key -out <you private key>wsriakey.keyitclj.key
 
 
5. 参考资料
https://github.com/joshvette001/java-exportpriv.git
https://myssl.com/
https://mozilla.github.io/server-side-tls/ssl-config-generator/
 
 
【推广】 免费学中医,健康全家人
原文地址:https://www.cnblogs.com/rongfengliang/p/8564482.html