编程知识 cdmana.com

Using java keytool RSA under Windows

Asymmetric encryption algorithm

The proposer  Ron Rivest、Adi Shamir、Leonard Adleman ------> RAS

Security :

RSA Allows you to choose the size of the public key .512 The key of the bit is considered unsafe ;768 The key of bit does not need to be worried about being managed by the state security (NSA) The harm of other things ;1024 The key of bit is almost secure .

Basic scenario :

1.    A Generate public and private keys . The public key is public , Anyone can get , The private key is confidential .

2.    B obtain A The public key , Then use it to encrypt information .

3.    A The encrypted information is obtained , Decrypt with private key .

Location :

%JAVA_HOME%/bin 

Argument parsing

-alias <alias> Alias of the item to be processed

-keyalg <keyalg> Key algorithm name

-keysize <keysize> Key bit size

-sigalg <sigalg> Signature algorithm name

-destalias <destalias> Target alias

-dname <dname> The only alias

-startdate <startdate> Certificate valid from / Time

-ext <value> X.509 Expand

-validity <valDays> Effective days

-keypass <arg> Key password

-keystore <keystore> Keystore name

-storepass <arg> Keystore password

-storetype <storetype> Keystore type

-providername <providername> Provider name

-providerclass <providerclass> Provider class name

-providerarg <arg> Provider parameters

-providerpath <pathlist> Provider classpath

-v Detailed output

-protected Password through protected mechanism

-export Export the certificate specified by the alias to the file

-list Displays certificate information in the keystore

-import Imports the signed digital certificate into the keystore

Instructions

./keytool -genkey -alias test-keypass admin123456 -keyalg RSA -keysize 1024 -validity 365 -keystore D:/key/config.keystore -storepass admin123

Example :

image

Be careful :

1. Directories should be created in advance

2. When prompted to enter a domain name, you cannot enter IP Address

Browse the certificate information in the library

./keytool -list -v -alias test -keystore D:/key/config.keystore -storepass admin123

Export public key certificate :

./keytool -export -keystore  D:/key/config.keystore -storepass admin123-alias test -file D:/key/test.cer

add -rfc after , The export is a text file (PEM) Format .

./keytool -export -keystore  D:/key/config.keystore -storepass admin123 -alias test  -file D:/key/test.crt -rfc

版权声明
本文为[kolusiMken]所创,转载请带上原文链接,感谢

Scroll to Top