android:keytool生成应用签名证书(java 15)
2023-09-14 08:59:32 时间
一,查看是否已安装keytool
keytool命令的程序位于jdk的安装目录/bin下,
1,查看是否有keytool命令已安装?
[lhdop@blog ~]$ ls /usr/local/soft/jdk-17/bin/keytool /usr/local/soft/jdk-17/bin/keytool
2,查看帮助:列出可用的命令
[lhdop@blog ~]$ keytool --help Key and Certificate Management Tool Commands: -certreq Generates a certificate request -changealias Changes an entry's alias -delete Deletes an entry -exportcert Exports certificate -genkeypair Generates a key pair -genseckey Generates a secret key -gencert Generates certificate from a certificate request -importcert Imports a certificate or a certificate chain -importpass Imports a password -importkeystore Imports one or all entries from another keystore -keypasswd Changes the key password of an entry -list Lists entries in a keystore -printcert Prints the content of a certificate -printcertreq Prints the content of a certificate request -printcrl Prints the content of a CRL file -storepasswd Changes the store password of a keystore -showinfo Displays security-related information Use "keytool -?, -h, or --help" for this help message Use "keytool -command_name --help" for usage of command_name. Use the -conf <url> option to specify a pre-configured options file.
3,查看帮助:例:列出genkey命令的参数:
[lhdop@blog keystore]$ keytool -genkey --help keytool -genkeypair [OPTION]... Generates a key pair Options: -alias <alias> alias name of the entry to process -keyalg <alg> key algorithm name -keysize <size> key bit size -groupname <name> Group name. For example, an Elliptic Curve name. -sigalg <alg> signature algorithm name -dname <name> distinguished name -startdate <date> certificate validity start date/time -ext <value> X.509 extension -validity <days> validity number of days -keypass <arg> key password -keystore <keystore> keystore name -storepass <arg> keystore password -storetype <type> keystore type -providername <name> provider name -addprovider <name> add security provider by name (e.g. SunPKCS11) [-providerarg <arg>] configure argument for -addprovider -providerclass <class> add security provider by fully-qualified class name [-providerarg <arg>] configure argument for -providerclass -providerpath <list> provider classpath -v verbose output -protected password through protected mechanism Use "keytool -?, -h, or --help" for this help message
二,生成keystore
1,执行genkey命令
[lhdop@blog keystore]$ keytool -genkey -alias poem -keyalg RSA -keysize 2048 -validity 36500 -keystore poem.keystore Enter keystore password: Re-enter new password: What is your first and last name? [Unknown]: liuhongdi What is the name of your organizational unit? [Unknown]: liuhongdi What is the name of your organization? [Unknown]: liuhongdi What is the name of your City or Locality? [Unknown]: beijing What is the name of your State or Province? [Unknown]: beijing What is the two-letter country code for this unit? [Unknown]: 86 Is CN=liuhongdi, OU=liuhongdi, O=liuhongdi, L=beijing, ST=beijing, C=86 correct? [no]: y Generating 2,048 bit RSA key pair and self-signed certificate (SHA256withRSA) with a validity of 36,500 days for: CN=liuhongdi, OU=liuhongdi, O=liuhongdi, L=beijing, ST=beijing, C=86
此处密码要记住
2,参数说明:
-genkey:生成一个证书
-alias:证书的别名,一般和keystore的文件名相同,也可以不同,
它是和keystore关联的唯一别名,不区分大小写
-keyalg:生成密钥文件的算法,此处用RSA (可以选择的密钥算法有:RSA、DSA(默认)、EC)
-validity: 生成数字证书的有效期天数,我们设置为36500天
-keysize: 指定密钥长度(与keyalg对应关系:`RSA=2048`、`DSA=2048`、`EC=256`)
-keystore: 指定密钥库文件的名称
3,代码的说明:
- CN = 域名或IP(Common Name)
- OU = 组织单位名称(Organization Unit)
- O = 组织名称(Organization Name)
- L = 城市或区域名称(Locality Name)
- ST = 州或省份名称(State Name)
- C = 国家的简写(Country,CN 代表中国)
4,查看生成的keystore文件:
[lhdop@blog keystore]$ ls poem.keystore
三,查询keystore的信息:
[lhdop@blog keystore]$ keytool -list -v -keystore poem.keystore Enter keystore password: Keystore type: PKCS12 Keystore provider: SUN Your keystore contains 1 entry Alias name: poem Creation date: Apr 14, 2023 Entry type: PrivateKeyEntry Certificate chain length: 1 Certificate[1]: Owner: CN=liuhongdi, OU=liuhongdi, O=liuhongdi, L=beijing, ST=beijing, C=86 Issuer: CN=liuhongdi, OU=liuhongdi, O=liuhongdi, L=beijing, ST=beijing, C=86 Serial number: 8028dc6750c99e58 Valid from: Fri Apr 14 09:33:04 CST 2023 until: Sun Mar 21 09:33:04 CST 2123 Certificate fingerprints: SHA1: A1:23:05:8A:5E:3B:9C:8D:03:E5:F5:CB:67:E8:A7:8A:4C:92:07:A2 SHA256: 0F:40:91:72:FD:5A:F2:04:2F:38:1E:80:7F:87:C2:96:44:5B:BD:1F:BA:11:FB:FF:15:7F:55:77:FC:24:AB:C9 Signature algorithm name: SHA256withRSA Subject Public Key Algorithm: 2048-bit RSA key Version: 3 Extensions: #1: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: C5 B9 7B C9 EA 27 8A 9D 86 49 AB 19 C7 18 F0 91 .....'...I...... 0010: 13 52 CB 40 .R.@ ] ] ******************************************* *******************************************
说明:刘宏缔的架构森林是一个专注架构的博客,地址:https://www.cnblogs.com/architectforest
对应的源码可以访问这里获取: https://github.com/liuhongdi/
或: https://gitee.com/liuhongdi
说明:作者:刘宏缔 邮箱: 371125307@qq.com
四,查看java的版本:
[lhdop@blog keystore]$ java --version java 15 2020-09-15 Java(TM) SE Runtime Environment (build 15+36-1562) Java HotSpot(TM) 64-Bit Server VM (build 15+36-1562, mixed mode, sharing)
相关文章
- Android telephony_android获取真实时间
- Java基础知识总结(超详细整理),java从入门到精通pdf「建议收藏」
- java applet介绍,Java Applet教程介绍[通俗易懂]
- android退出app代码,Android应用退出代码各种方式
- java生成license_使用truelicense实现用于JAVA工程license机制(包括license生成和验证)…
- java 自定义类加载器_JAVA中如何使用应用自定义类加载器「建议收藏」
- 【Android 异步操作】Handler 机制 ( MessageQueue 消息队列的阻塞机制 | Java 层机制 | native 层阻塞机制 | native 层解除阻塞机制 )
- 【错误记录】Android 编译时技术版本警告 ( 注解处理器与主应用支持的 Java 版本不匹配 )
- 【错误记录】Android Studio 编译报错 ( Could not find com.android.tools.build:gradle:4.2.1. )
- 【错误记录】Android 应用安装后出现两个启动图标 ( 排查应用及依赖库中配置了 android.intent.category.LAUNCHER 的 Activity )
- 【错误记录】Android 应用安全检测漏洞修复 ( StrandHogg 漏洞 | 设置 Activity 组件 android:taskAffinity=““ )
- 【Android UI】贝塞尔曲线 ① ( 一阶贝塞尔曲线 | 二阶贝塞尔曲线 )
- java 检测 Java 是否运行在64bit 的JVM上详解编程语言
- Java学习笔记之九java二维数组及其多维数组的内存应用拓展延伸详解编程语言
- 技术的融合突破极限:Java与Redis的技术融合(java与redis)
- Java文件在Linux系统中的使用(java文件linux)
- Java实现Linux:跨平台解决方案(java 实现linux)
- 的应用Java在Oracle数据库中的重要性及应用(java在oracle里)
- java,Android:在eclipse中的快捷键(经典收藏)
- android暂停或停止其他音乐播放器的播放实现代码
- Java基础之java处理ip的工具类