Developers Notes
  • Welcome
  • Developer
    • Java
      • JUnit
        • Parameterized Test
        • Introduction to WireMock
      • Maven
        • Resource Reader and Writer
        • JUnit with Maven
        • Maven Run
        • A Quick Guide to Maven Wrapper
      • Spring
        • Autowired vs Resource
        • Spring OpenFeign 사용시 https 신뢰하는 방법
        • Aspect with Annotation
        • Spring JPA에서 Tibero를 사용하기 위한 설정
        • Spring module dependency
        • Mockito
          • Autowired @Value field in Spring with Mockito
        • SpringBoot Hybernate application.yml
        • ReflectionTestUtils
        • Spring Properties File Outside jar
        • Spring @RequestParam Annotation
        • Properties with Spring and Spring Boot
        • Passing JVM Options from Gradle bootRun
        • Securing Spring Boot API With API Key and Secret
        • Why Is Field Injection Not Recommended?
        • An Overview of Identifiers in Hibernate/JPA
      • Etcs
        • BigDecimal 사용시 주의 사항
        • static factory methods common naming conventions
        • List of Lists into a List (Stream)
        • Return null in stream
        • Logging with Lombok
        • JPA
        • Big-O Java Collections
    • MySQL
      • Active Connections on MySQL
      • MariaDB-Galera
      • FOUND_ROWS
      • MySQL Group Replication Requirements
      • Data Types Explicit Default Handling
    • C/C++
      • Autotool 사용법
      • Intruduction to GNU Autotools
      • mysql
        • C Api Flow
        • MySQL Connector/C++ 8.3 Developer Guide
      • Common vulnerabilities guide for C programmers
      • HTTP in C++
      • JSON in C++
      • How to get memory usage at runtime using C++?
      • How to get time in milliseconds using C++ on Linux?
      • Sleep Functions in C++
      • Calculate Cpu Usage on Linux as Top
    • CryptoGraphy
      • 인증 기관(CA;Certificate Authority) 구성하고 인증서 발급하기
      • KeyTool Import PrivateKey, Certificate
      • Java Keytool 사용법
      • PKCS, Public Key Cryptography Standard
      • CER/DER/CRT/CSR 형식 파일이란?
      • FIPS 140-2
      • SSL 인증서 발급
      • 사용법, tip 정리
      • OpenSSL
        • OpenSSL guide
        • Openssl RSA Private Key Encrypt
      • How to Read PEM File to Get Public and Private Keys
    • PKCS#11 API
      • PKCS#11 API-강좌1
      • PKCS#11 API-강좌2
      • PKCS#11 API-강좌3
      • PKCS#11 API-강좌4
      • PKCS#11 API-강좌5(C 언어로 된 Sample Code)
      • PKCS#11 API-강좌6(EC Key 생성 및 Signing)
    • Warehouse of PKI
    • GoLang
      • go-cshared-examples
      • Fun building shared libraries in Go
      • Golang time
      • Encoding Json
  • OpenSSL
    • OpenSSL Document
      • openssl-req
      • x509v3_config
      • Openssl Example
    • Creating a Self-Signed Certificate With OpenSSL
    • Openssl 3.x Provider
      • Writing OpenSSL Provider Skeleton
    • OpenSSL Certificate Command
  • DevOps
    • Docker
      • Environment Variables for MariaDB or MySQL Docker
      • Container Technology, Docker
      • Docker Trouble Shooting
      • Docker BuildKit
      • How to clear Docker cache and free up space on your system
    • Cloud
      • Serverless Architecture
      • AWS
        • AWS 주요 자습서 Link
        • Diagram-as-code for AWS architecture.
        • AWS Architecture icon
      • Install MariaDB Galera by Helm
      • Jenkinsfile VIM syntax highlighting
      • Cloud Development Kit for Kubernetes
    • VM
      • vagrant를 사용한 vm 설치 방법
    • Etcs
      • Logstash
        • Installing Logstash
        • Configuration Logstash Output
      • Rancher Install
      • Install ELK
      • Simpler Tool for Deploying Rancher
    • Ubuntu
      • Install SFTP Client
  • Etcs
    • Etcs
      • Useful Tools
      • Links
      • Entertainment
Powered by GitBook
On this page
  • Files
  • file list
  • show files
  • Import Certificate
  • import cert
  • show import result
  • Import Private Key
  • convert private key
  • import private key
  • show import result
Edit on GitHub
  1. Developer
  2. CryptoGraphy

KeyTool Import PrivateKey, Certificate

Files

file list

% ls
certificate.crt         privateKey_private.pem  publicKey_public.pem

show files

% file certificate.crt 
certificate.crt: PEM certificate

% cat certificate.crt 
-----BEGIN CERTIFICATE-----
MIIBqDCCAU6gAwIBAgIULvhjkKt1BonKn6rsqwt7cV0yUtAwCgYIKoZIzj0EAwIw
FjEUMBIGA1UEAwwLVEFZTy1ST09ULUUwIBcNMjAwMTAxMDAwMDAwWhgPOTk5OTEy
MzEyMzU5NTlaMBYxFDASBgNVBAMMC1RBWU8tUk9PVC1FMFkwEwYHKoZIzj0CAQYI
KoZIzj0DAQcDQgAEqZO7U8FhZ89jPVlKlsDyRedUwtYs8NH+mQBuC7jlOdxbKRoN
jVaLt8WWyDPTXE374OGZGdgt9roHyQ3MOJeGzqN4MHYwFgYKKwYBBAGCxGkFCQEB
/wQFMAMCAQEwDgYDVR0PAQH/BAQDAgEGMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgw
FoAU69xUcCMuwHNGGnTt1AYw5m/cTOYwHQYDVR0OBBYEFOvcVHAjLsBzRhp07dQG
MOZv3EzmMAoGCCqGSM49BAMCA0gAMEUCIELm69mYqefjQRI1b9L7DcCxo7U1yunP
Bisb7wGRb/qKAiEA6rk88xnoEh1o6q3sXO/mNmPWLqMLQQJ/02vAZ5JbAu0=
-----END CERTIFICATE-----                                                                                         

% file privateKey_private.pem 
privateKey_private.pem: PEM EC private key

% cat privateKey_private.pem 
-----BEGIN EC PRIVATE KEY-----
ME0CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQcEMzAxAgEBBCDjsACC7YNrNgk5VRAz
n6OpmqsIljfiePTAAsXcpvKd96AKBggqhkjOPQMBBw==
-----END EC PRIVATE KEY-----

Import Certificate

import cert

% keytool -importcert -keystore mykeystore.jks -storepass password -alias certificateAlias -file certificate.crt 
Owner: CN=TAYO-ROOT-E
Issuer: CN=TAYO-ROOT-E
Serial number: 2ef86390ab750689ca9faaecab0b7b715d3252d0
Valid from: Wed Jan 01 09:00:00 KST 2020 until: Sat Jan 01 08:59:59 KST 10000
Certificate fingerprints:
         SHA1: AA:41:D3:3D:C3:BC:17:DC:B2:A0:7A:C8:1B:6B:9C:35:43:A4:8F:00
         SHA256: 39:4D:58:BD:FB:8C:DB:4B:4A:C4:05:5D:48:A9:8A:14:2F:A4:F2:E8:1C:8F:F0:74:F1:51:AE:5D:05:5C:D2:3E
Signature algorithm name: SHA256withECDSA
Subject Public Key Algorithm: 256-bit EC (secp256r1) key
Version: 3

Extensions: 

#1: ObjectId: 1.3.6.1.4.1.41577.5.9 Criticality=true
0000: 30 03 02 01 01                                     0....


#2: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: EB DC 54 70 23 2E C0 73   46 1A 74 ED D4 06 30 E6  ..Tp#..sF.t...0.
0010: 6F DC 4C E6                                        o.L.
]
]

#3: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
  CA:false
  PathLen: undefined
]

#4: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
  Key_CertSign
  Crl_Sign
]

#5: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: EB DC 54 70 23 2E C0 73   46 1A 74 ED D4 06 30 E6  ..Tp#..sF.t...0.
0010: 6F DC 4C E6                                        o.L.
]
]

Trust this certificate? [no]:  yes
Certificate was added to keystore
jihoon_yang@MacBook-Pro certificates % keytool -list -keystore mykeystore.jks 
Enter keystore password:  
Keystore type: PKCS12
Keystore provider: SUN

Your keystore contains 1 entry

certificatealias, 2021. 8. 6., trustedCertEntry, 
Certificate fingerprint (SHA-256): 39:4D:58:BD:FB:8C:DB:4B:4A:C4:05:5D:48:A9:8A:14:2F:A4:F2:E8:1C:8F:F0:74:F1:51:AE:5D:05:5C:D2:3E

show import result

% ls             
certificate.crt         mykeystore.jks          privateKey_private.pem  publicKey_public.pem

% keytool -list -keystore mykeystore.jks 
Enter keystore password:  
Keystore type: PKCS12
Keystore provider: SUN

Your keystore contains 1 entry

certificatealias, 2021. 8. 6., trustedCertEntry, 
Certificate fingerprint (SHA-256): 39:4D:58:BD:FB:8C:DB:4B:4A:C4:05:5D:48:A9:8A:14:2F:A4:F2:E8:1C:8F:F0:74:F1:51:AE:5D:05:5C:D2:3E

Import Private Key

convert private key

% openssl pkcs12 -export -in certificate.crt -inkey privateKey_private.pem -out mykeystore.p12 -name "privatekeyAlias"
Enter Export Password:
Verifying - Enter Export Password:


% ls
certificate.crt         mykeystore.jks          mykeystore.p12          privateKey_private.pem  publicKey_public.pem

import private key

% keytool -importkeystore -deststorepass password -destkeypass password -destkeystore mykeystore.jks -srckeystore mykeystore.p12 -srcstoretype PKCS12 -srcstorepass password -alias "privatekeyAlias"
Importing keystore mykeystore.p12 to mykeystore.jks...

show import result

% keytool -list -keystore mykeystore.jks 
Enter keystore password:  
Keystore type: PKCS12
Keystore provider: SUN

Your keystore contains 2 entries

certificatealias, 2021. 8. 6., trustedCertEntry, 
Certificate fingerprint (SHA-256): 39:4D:58:BD:FB:8C:DB:4B:4A:C4:05:5D:48:A9:8A:14:2F:A4:F2:E8:1C:8F:F0:74:F1:51:AE:5D:05:5C:D2:3E
privatekeyalias, 2021. 8. 6., PrivateKeyEntry, 
Certificate fingerprint (SHA-256): 39:4D:58:BD:FB:8C:DB:4B:4A:C4:05:5D:48:A9:8A:14:2F:A4:F2:E8:1C:8F:F0:74:F1:51:AE:5D:05:5C:D2:3E
Previous인증 기관(CA;Certificate Authority) 구성하고 인증서 발급하기NextJava Keytool 사용법

Last updated 2 years ago