1.keytoo工具生成jks证书
keytool在jdk/bin目录下
在idea terminal使用 keytool生成jks:
idea——terminal
跳到指定要生成jks目录:
1 | /home/echo/IdeaProjects/spring-security-oauth2-demo/spring-security-oauth2-authorization-jwt/src/main/resources |
生成jks指令:
1 2 3 | keytool -genkeypair -alias oauth2 -keyalg RSA -keystore oauth2.jks -keysize 2048 #oauth2 为自定义,oauth2.jks为证书名称,可指定路径,不指定当前目录下 |
下面就是生成公钥:
1 | keytool -list -rfc --keystore oauth2.jks | openssl x509 -inform pem -pubkey |
1 2 | 'openssl' 不是内部或外部命令,也不是可运行的程序 或批处理文件 |
2.下载openssl,并安装配置
下载地址:openssl
随便下载一个好了,反正都是exe的,至于收费那是不可能的(土豪随意)。
安装完成之后配置一下环境变量。把openssl安装路径bin的路径(例如 D:\OpenSSL-Win64\bin)加入到操作系统的系统环境变量Path中。
重启电脑!!!
用管理员身份运行DOS就可以进行openssl的操作了。
解决openssl错误
1 | WARNING: can't open config file: /usr/local/ssl/openssl.cnf |
在你得opensll安装路径下找到openssl.cfg,我的路径是 D:\OpenSSL-Win64\bin\openssl.cfg,设置环境变量
1 | set OPENSSL_CONF=D:\OpenSSL-Win64\bin\openssl.cfg |
下面就是生成公钥:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 | D:\...\resources>keytool -list -rfc --keystore oauth2.jks | openssl x509 -inform pem -pubkey 'openssl' 不是内部或外部命令,也不是可运行的程序 或批处理文件。 D:\...\resources>keytool -list -rfc --keystore oauth2.jks | D:\OpenSSL-Win64\bin\openssl x509 -inform pem -pubkey WARNING: can't open config file: /usr/local/ssl/openssl.cnf unable to load certificate 10728:error:0906D06C:PEM routines:PEM_read_bio:no start line:.\crypto\pem\pem_lib.c:697:Expecting: TRUSTED CERTIFICATE D:\...\resources>set OPENSSL_CONF=D:\OpenSSL-Win64\bin\openssl.cfg D:\...\resources>keytool -list -rfc --keystore oauth2.jks | D:\OpenSSL-Win64\bin\openssl x509 -inform pem -pubkey 输入密钥库口令: 123456 -----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjUbbP9Rk5iaouSUonEr agFbAGPpyr6YjNT1jbkW/FHu6deZpPyzBD4R5fKVftw1y9V7L0vOrOMtdYJAJf7Q UkJgdei4FSQPlKOKNepHJZtMoKeqfpXDEJGI5EgnCtOQUvn29nGPusBDGXkctIKb 5p66UYqGkWHNUBxBjFRw6pRzOQHiJEebwmFl5xIXG90YyqYV6PRsSCkqT4yH4BOV QFyzfl6razwAfD2KeLjd+zcNQjWJxNwr5kpJQjL3yuNgJxHyWHAzgIcfZM+MCo7U m6BgxhlqLy65WccDbHKaexWHsmlBRHOU84I+6P62WSa6Uu99Oki8Zuh75o9E2iMX XwIDAQAB -----END PUBLIC KEY----- -----BEGIN CERTIFICATE----- MIIDazCCAlOgAwIBAgIEQtMGcjANBgkqhkiG9w0BAQsFADBmMQ8wDQYDVQQGEwZv YXV0aDIxDzANBgNVBAgTBm9hdXRoMjEPMA0GA1UEBxMGb2F1dGgyMQ8wDQYDVQQK EwZvYXV0aDIxDzANBgNVBAsTBm9hdXRoMjEPMA0GA1UEAxMGb2F1dGgyMB4XDTIw MDYxMTAwNDIyMloXDTIwMDkwOTAwNDIyMlowZjEPMA0GA1UEBhMGb2F1dGgyMQ8w DQYDVQQIEwZvYXV0aDIxDzANBgNVBAcTBm9hdXRoMjEPMA0GA1UEChMGb2F1dGgy MQ8wDQYDVQQLEwZvYXV0aDIxDzANBgNVBAMTBm9hdXRoMjCCASIwDQYJKoZIhvcN AQEBBQADggEPADCCAQoCggEBAI41G2z/UZOYmqLklKJxK2oBWwBj6cq+mIzU9Y25 FvxR7unXmaT8swQ+EeXylX7cNcvVey9LzqzjLXWCQCX+0FJCYHXouBUkD5SjijXq RyWbTKCnqn6VwxCRiORIJwrTkFL59vZxj7rAQxl5HLSCm+aeulGKhpFhzVAcQYxU cOqUczkB4iRHm8JhZecSFxvdGMqmFej0bEgpKk+Mh+ATlUBcs35eq2s8AHw9ini4 3fs3DUI1icTcK+ZKSUIy98rjYCcR8lhwM4CHH2TPjAqO1JugYMYZai8uuVnHA2xy mnsVh7JpQURzlPOCPuj+tlkmulLvfTpIvGboe+aPRNojF18CAwEAAaMhMB8wHQYD VR0OBBYEFIVAq+YBZBhGBfzTGEcRc5hs2x8vMA0GCSqGSIb3DQEBCwUAA4IBAQB+ iIurLe6P1YhfPngxgqlMVWU+i8vuUTPLbl/yCp4GjSc6w+ntZS8QpB2JOL2W/qcL BhwDJuIWt8l+bAEzEFyLnoGF+0n1fPzcv/HgXyRece6sV7oJ8PWUDak3k4jjlB+s aZ9b817V4dSpK4UVSJpiOcFtHbZKbxoVubtNVdvTd9IUZRMhbcorUzE6N+cWrSVX SXskjsbu/eYlbvw5FpYakM0KMhdsbHFl/se92vJdM+RFsC3cm+p9B5RctgJ4LFx6 A5I4MBBHEcW9PCB0bXZ9OQ4rB//8drEcwYuFDO+i+Cygo3IdcAL/E1Uwg1n6hfLV qayMyRPzdDVgYJe2YS0q -----END CERTIFICATE----- |