https certificate generation steps:
1. Generate key
Generate key ( jks file), the code here is to generate a "zinc_server.jks" key.
-alias zinc_server -keyalg RSA -keystore zinc_server.jks -validity 3600 -storepass 123456
Parameter description:
genkey creates a default file ".keystore" in the user's home directory, and also generates an alias of mykey, which contains the user's public key, private key and Certificate
alias: Generate an alias
keystore: Specify the name of the keystore
validity: Specify how many days the created certificate is valid
storepass: Specify the password Keystore password (password required to obtain keystore information)
keyalg: Specify the key algorithm (such as: RSA, DSA; if not specified, DSA is used by default)
More parameters :
keysize: Specify the key length
keypass: Specify the password of the alias entry (password of the private key)
dname: Specify the certificate owner information
list: Display the certificate information in the key store
keytool -list -keystore 指定keystore -storepass 密码
v: Display the certificate details in the key store
keytool -list -v -keystore 指定keystore -storepass 密码
2. Issue the certificate
The zinc_server.jks key in Section 1 is used here to issue the zinc_server.cer certificate
keytool -export -alias zinc_server -file zinc_server.cer -keystore zinc_server.jks -storepass 123456
3. Generate the certificate set bks used by Android
In Android You need to use the certificate set in bks format, so if you use it in Android, you need to convert the certificate generated in section 2. Use the following command
keytool -importcert -file zinc_server.cer -keystore zinc_server.bks -storetype BKS -provider org.bouncycastle.jce.provider.BouncyCastleProvider
If you use the above command, you may encounter an exception that the BouncyCastleProvider class cannot be found. At this time, you need to configure the environment a little
Enter bouncycastle official website to download The corresponding jdk version. Place the downloaded jar package in the path of your jdk installation/Contents/Home/jre/lib/ext, and try again.
4. Convert jks to bks
The content of this section is because some apps need to perform two-way verification and need to The client's key is placed in the app.
The above is the detailed content of https certificate generation steps. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
SecLists
SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.
SublimeText3 Linux new version
SublimeText3 Linux latest version
Atom editor mac version download
The most popular open source editor
MinGW - Minimalist GNU for Windows
This project is in the process of being migrated to osdn.net/projects/mingw, you can continue to follow us there. MinGW: A native Windows port of the GNU Compiler Collection (GCC), freely distributable import libraries and header files for building native Windows applications; includes extensions to the MSVC runtime to support C99 functionality. All MinGW software can run on 64-bit Windows platforms.
SublimeText3 Mac version
God-level code editing software (SublimeText3)
