我需要将JKS(受密码保护)转换成包含密钥对(或选定别名)的.PEM,以便其他服务使用。
到目前为止,我已经写了这个:
@Transactional
public ResponseEntity<String> getPublicKeyFromJKS(long jksid) {
try {
//1. Lift the entity
JKSFile jksFile = jksFileRepo.getOne(jksid);
//2. Get the Object from S3
S3Object object = getS3ObjectService.getS3Object(jksFile.getS3ObjectKey());
System.out.println(object.getObjectContent().getHttpRequest());
InputStream in = object.getObjectContent();
//3. Make KeyStore...
KeyStore keyStore = KeyStore.getInstance("JKS");
keyStore.load(in, rsaConfig.getKeystorePassword().toCharArray());
//4. Get keys to PEM formatted file.
PrivateKey privateKey = (PrivateKey) keyStore.getKey("access", rsaConfig.getKeystorePassword().toCharArray());
Certificate certificate = keyStore.getCertificate("access");
PublicKey publicKey = certificate.getPublicKey();
KeyPair keyPair = new KeyPair(publicKey, privateKey);
System.out.println(keyPair.getPrivate().toString());
System.out.println(keyPair.getPublic().toString());
我正在从我的Amazon S3存储桶中提取所请求的JKS,并毫无问题地读取私钥和公钥...但是我现在希望能够将它们放入PEM格式的密钥库中(供其他服务使用)
谢谢您的任何建议!我希望以编程方式实现此目的...不使用Java命令行keytool。