p12格式
keytool -genkey -alias tomcat -keypass 123456 -storetype PKCS12 -keyalg RSA -keysize 2048 -keystore D:/keys/keystore.p12 -validity 3650 -storepass 123456 -dname “CN=192.168.19.240, OU= tian, O=tian, L= hz, ST=zhejiang, C=CN” -ext san=ip:192.168.19.240
keytool -genkey -alias tianyt -keypass 123456 -keyalg RSA -keysize 1024 -validity 3600 -keystore D:/keys/tianyt.keystore -storepass 123456 -dname “CN=tianyt.com, OU= tian, O=tian, L= hz, ST=zhejiang, C=CN” -ext san=dns:tianyt.com
keytool -list -v -keystore D:/keys/tianyt.keystore -storepass 123456
keytool -export -alias tianyt -keystore D:/keys/tianyt.keystore -file D:/keys/tianyt.crt -storepass 123456
keytool -printcert -file D:/keys/tianyt.crt
使用jks2pfx转化为pem
https://files.cnblogs.com/files/hxz-nl/jks2pfx.zip?t=1658900878
E:/jks2pfx>JKS2PFX.bat d:/keys/tianyt.keystore 123456 tianyt tianyt C:/Program Files/Java/jdk1.8.0_111/bin
把生成的crt文件后缀改为pem
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" keyAlias="tianyt"
keystoreFile="conf/keys/tianyt.keystore" keystorePass="123456"
/>
原创文章,作者:wdmbts,如若转载,请注明出处:https://blog.ytso.com/277309.html