keytool、openssl 互转

openssl(pem) 和 keytool(der) 互相转换

openssl -> keytool

## pem 转换为 pkcs12
openssl pkcs12 -export -in www.zfl.com.crt -inkey www.zfl.com.key -out www.zfl.com.p12 -name www.zfl.com -passout pass:123456

## pkcs12 转换为 keystore
keytool -importkeystore -srcstoretype pkcs12 -srckeystore www.zfl.com.p12 -srcstorepass 123456 -srcalias www.zfl.com -srckeypass 123456 -deststoretype jks -destkeystore www.zfl.com.jks -deststorepass 123456 -destalias www.zfl.com -destkeypass 123456

keytool -> openssl

## keystore 转换为 pkcs12
keytool -importkeystore -srcstoretype jks -srckeystore www.zfl.com.jks -srcstorepass 123456 -srcalias www.zfl.com -srckeypass 123456 -deststoretype pkcs12 -destkeystore www.zfl.com.p12 -deststorepass 123456 -destalias www.zfl.com -destkeypass 123456 -noprompt

## pkcs12 转换为 pem
openssl pkcs12 -in www.zfl.com.p12 -out www.zfl.com.pem -passin pass:123456 -nodes

## pem 提取 crt
openssl x509 -in www.zfl.com.pem -out www.zfl.com.crt

## pem 提取 key
openssl rsa -in www.zfl.com.pem -out www.zfl.com.key