install java keystore on ubuntu:
https://stackoverflow.com/questions/16333635/keytool-error-bash-keytool-command-not-found
sudo apt install openjdk-8-jre-headless
export :
https://security.stackexchange.com/questions/3779/how-can-i-export-my-private-key-from-a-java-keytool-keystore
keytool -importkeystore \
-srckeystore <keystore>\
-destkeystore keystore.p12 \
-deststoretype PKCS12 \
-deststorepass 123456 \
-destkeypass 123456
Export certificate using openssl
:
openssl pkcs12 -in keystore.p12 -nokeys -out cert.pem
Export unencrypted private key:
openssl pkcs12 -in keystore.p12 -nodes -nocerts -out key.pem
curl bypass server cert validation -k:
https://stackoverflow.com/questions/55561615/curl-with-mutual-authentication
curl --key client.key --cert client.crt --cacert bundle.pem -X GET -v https://x.x.x.x:xxxx/folder/endpoint
generate keystore from crt and key
https://stackoverflow.com/questions/11952274/how-can-i-create-keystore-from-an-existing-certificate-abc-crt-and-abc-key-fil
The easiest is probably to create a PKCS#12 file using OpenSSL:
openssl pkcs12 -export -in abc.crt -inkey abc.key -out abc.p12
You should be able to use the resulting file directly using the PKCS12
keystore type.
If you really need to, you can convert it to JKS using keytool -importkeystore
(available in keytool
from Java 6):
keytool -importkeystore -srckeystore abc.p12 \
-srcstoretype PKCS12 \
-destkeystore abc.jks \
-deststoretype JKS
No comments:
Post a Comment