Dav*_*lez 74 certificate keystore ssl-certificate pkcs#12
我想列出存储在PKCS12密钥库中的证书.
密钥库具有扩展名 .pfx
Dav*_*lez 126
如果密钥库是PKCS12 type(.pfx),则必须指定它-storetype PKCS12(为了可读性而添加了换行符):
keytool -list -v -keystore <path to keystore.pfx> \
-storepass <password> \
-storetype PKCS12
slm*_*slm 19
你也可以openssl用来完成同样的事情:
$ openssl pkcs12 -nokeys -info \
-in </path/to/file.pfx> \
-passin pass:<pfx's password>
MAC Iteration 2048
MAC verified OK
PKCS7 Encrypted data: pbeWithSHA1And40BitRC2-CBC, Iteration 2048
Certificate bag
Bag Attributes
localKeyID: XX XX XX XX XX XX XX XX XX XX XX XX XX 48 54 A0 47 88 1D 90
friendlyName: jedis-server
subject=/C=US/ST=NC/L=Raleigh/O=XXX Security/OU=XXX/CN=something1
issuer=/C=US/ST=NC/L=Raleigh/O=XXX Security/OU=XXXX/CN=something1
-----BEGIN CERTIFICATE-----
...
...
...
-----END CERTIFICATE-----
PKCS7 Data
Shrouded Keybag: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 2048
har*_*rry 11
您可以使用 keytool 列出条目(证书详细信息),甚至不需要提及商店类型。此外,.p12和.pfx都是PKCS#12文件。假设您拥有密钥库文件,cert.pfx或者cert.p12您可以使用以下命令列出内容。
keytool -list -v -keystore cert.pfx -storepass <password>
或者
keytool -list -v -keystore cert.p12 -storepass <password>
Keystore type: PKCS12
Keystore provider: SunJSSE
Your keystore contains 1 entry
Alias name: 1
Creation date: Jul 11, 2020
Entry type: PrivateKeyEntry
Certificate chain length: 2