java代码实现证书转换
.jks或者.keystore转换为.pem
注意:此处主要借助于sh脚本进行转换
新建shell脚本:
前提: 需要配置好keytool、openssl命令
证书转换路径:
1、jks -> pkcs12 -> pem
2、keystore -> pkcs12 -> pem
注意:jks和keystore转换方式一致
#!/usr/bin/env bash function keystore_2_pem() { srckeystore=$1 srckeystorename=${srckeystore##*/} srcstorepass=$2 tmpdir=$(mktemp -d) cp "$srckeystore" "$tmpdir" cd "$tmpdir" || exit keytool -importkeystore \ -srckeystore "$srckeystore" \ -destkeystore "$srckeystorename".pkcs12 \ -deststoretype pkcs12 \ -srcstorepass "${srcstorepass}" \ -deststorepass "${srcstorepass}" openssl pkcs12 \ -in "$srckeystorename".pkcs12 \ -out "$srckeystorename".pem \ -passin pass:"${srcstorepass}" \ -passout pass:"${srcstorepass}" cert_info=`cat "${srckeystorename}".pem` echo "${cert_info}" echo "###cert_info_end###" dates=`openssl x509 -in "${srckeystorename}".pem -noout -dates` echo "${dates}" } srckeystore=$1 srcstorepass=$2 keystore_2_pem "$srckeystore" "$srcstorepass"
创建Java工程:
后续会用到打包,所以此处引入 maven-assembly-plugin 打包工具,将依赖信息打包到一个jar中,方便后续java -jar 执行测试
<build> <plugins> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-assembly-plugin</artifactId> <executions> <execution> <phase>package</phase> <goals> <goal>single</goal> </goals> <configuration> <archive> <manifest> <mainClass> com.wd.ShellOpr // main方法类 </mainClass> </manifest> </archive> <descriptorRefs> <descriptorRef>jar-with-dependencies</descriptorRef> </descriptorRefs> </configuration> </execution> </executions> </plugin> </plugins> </build>
创建java类,执行脚本:
package com.wd;
import java.io.BufferedReader;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.nio.charset.StandardCharsets;
import java.text.SimpleDateFormat;
import java.util.*;
public class ShellOpr {
private static final String CERT_INFO_END = "###cert_info_end###";
/**
* 证书中的日期格式
*/
private static final SimpleDateFormat CERT_DATE_FORMAT;
/**
* 目标日期格式
*/
private static final SimpleDateFormat TARGET_DATE_FORMAT;
static {
CERT_DATE_FORMAT = new SimpleDateFormat("MMM dd HH:mm:ss yyyy z", Locale.ENGLISH);
CERT_DATE_FORMAT.setTimeZone(TimeZone.getTimeZone("GMT"));
TARGET_DATE_FORMAT = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss z", Locale.ENGLISH);
TARGET_DATE_FORMAT.setTimeZone(TimeZone.getTimeZone("GMT"));
}
public static void main(String[] args) throws Exception {
/*
sh 执行shell
cert_opr.sh 执行证书转换的脚本
/root/server.jks 待转换的证书路径
123456 证书密码
*/
String[] cmd = new String[]{"sh", "cert_opr.sh", "/root/server.jks", "123456"};
Process process = Runtime.getRuntime().exec(cmd);
StringBuilder certInfoStr = new StringBuilder();
List<String> certTimeList = new ArrayList<>();
try (InputStream inputStream = process.getInputStream();
InputStreamReader inputStreamReader = new InputStreamReader(inputStream, StandardCharsets.UTF_8);
BufferedReader bufferedReader = new BufferedReader(inputStreamReader)){
String line;
boolean certEnd = false;
while ((line = bufferedReader.readLine()) != null) {
if (CERT_INFO_END.equals(line)) {
certEnd = true;
continue;
}
if (certEnd) {
certTimeList.add(line);
continue;
}
certInfoStr.append(line).append(System.lineSeparator());
}
}
System.out.println(certInfoStr);
System.out.println("<<=====================>>");
List<String> certTimeFormat = new ArrayList<>();
for (String certTime : certTimeList) {
String[] certTimeArr = certTime.split("=");
if (certTimeArr.length < 2) {
continue;
}
certTimeFormat.add(TARGET_DATE_FORMAT.format(CERT_DATE_FORMAT.parse(certTimeArr[1])));
}
System.out.println(certTimeFormat);
}
}
输出结果
