发表新帖
发表新帖

How to print the public key of a certificate using keytool?

前端 未结
关注
4 2131
误落风尘
误落风尘 2020-12-24 01:35

Is there a way in keytool to print the publick key of a certificate? I tried:

keytool -printcert -file client.crt

But it gives only the fol

相关标签:
4条回答
  • 闹比i
    2020-12-24 02:03

    You can print the cert to pem format, then use openssl to print public key from the pem format.

    1. add -rfc option to -printcert

      keytool -printcert -rfc -file client.crt

    2. save the output like below to a file client.pem

      -----BEGIN CERTIFICATE----- MIIB4zCCAUygAwIBAgIIRzI14w7rL20wDQYJKoZIhvcNAQENBQAwMzELMAkGA1UEBhMCVVMxDTAL

      ......

      -----END CERTIFICATE-----

    3. then use openssl

      openssl x509 -inform pem -text -in client.pem

    so you got the public key

    0 讨论(0)
  • 北荒
    2020-12-24 02:13

    You can do it with:

    keytool -list -rfc -keystore mykeystore.jks -alias certificate_alias -storepass password

    Example run:

    PS c:\sample> keytool -list -rfc -keystore mykeystore.jks -alias cert_alias -storepass password
Alias name: cert_alias
Creation date: Apr 25, 2014
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
-----BEGIN CERTIFICATE-----
MIIB4zCCAUygAwIBAgIIRzI14w7rL20wDQYJKoZIhvcNAQENBQAwMzELMAkGA1UEBhMCVVMxDTAL
BgNVBAoTBE5vbmUxFTATBgNVBAMTDE5vbmUgb3U9Tm9uZTAgFw0xNDA0MjQxNzQ0NDJaGA8yMTE0
MDQyNTE3NDQ0MlowMzELMAkGA1UEBhMCVVMxDTALBgNVBAoTBE5vbmUxFTATBgNVBAMTDE5vbmUg
b3U9Tm9uZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAivXBBtFnJTm1NbHysv3Mnpn/lCg6
1onJDxr/jkvI8+1Bljs1jktyYOeKDWxJwpDU7QyIqttgtDvRT4Yaew5WiQyADIyY0cBTvp3S7uKx
M5C3zxZdG6WTflU7xcYnGk3/d0VhwA6BL9YPsRaS/K+ww1yvxWKIOPW68wDe0ccvGWcCAwEAATAN
BgkqhkiG9w0BAQ0FAAOBgQB/5qDMA9fmlCWlOD9aHjBD6I8zAOSshMCFK8XcZJHowag8WtZyL3DR
insx2HoDlBewIJAEtAplo2NpeFyNtK93PS7zV+vwEYHCu46Db3klMksp3MmSXD39QPlmwfsGZlja
K8Ww0TsR5GtccFMH41KKa+PlvVZNEdZumdrca59olQ==
-----END CERTIFICATE-----
    0 讨论(0)
  • 甜味超标
    2020-12-24 02:19

    Keytool list rfc just prints the base64 encoded version of whole certificate, not the public key. Keytool doesn't support the printing the public key of Certificate. We can use openssl for this purpose.

    0 讨论(0)
  • 南旧
    2020-12-24 02:22

    You can do that With openssl.

    If this certificate is DER-encoded (binary), use:

    openssl x509 -inform der -in client.crt -pubkey -noout

    for PEM-encoded use -inform pem option (or no -inform at all).

    To see details of public key, use:

    openssl x509 -inform der -in client.crt -pubkey -noout | openssl rsa -pubin -text -noout
    0 讨论(0)
 看不清?
提交回复
热议问题