使用Java自带的keytool命令

使用Java自带的keytool命令,在命令行生成。 


1、生成服务器端私钥kserver.keystore文件 


  keytool -genkey -alias serverkey -validity 1 -keystore kserver.keystore 


2、根据私钥,导出服务器端安全证书 


keytool -export -alias serverkey -keystore kserver.keystore -file server.crt  


3、将服务器端证书,导入到客户端的Trust KeyStore中 


keytool -import -alias serverkey -file server.crt -keystore tclient.keystore 


4、生成客户端私钥kclient.keystore文件 


  keytool -genkey -alias clientkey -validity 1  -keystore kclient.keystore 


5、根据私钥,导出客户端安全证书 


keytool -export -alias clientkey -keystore kclient.keystore -file client.crt 


6、将客户端证书,导入到服务器端的Trust KeyStore中 


keytool -import -alias clientkey -file client.crt -keystore tserver.keystore 


生成的文件分成两组,服务器端保存:kserver.keystore tserver.keystore 客户端保存:kclient.keystore  tclient.kyestore。 




keytool -import -alias serverkey -file server.crt -keystore tclient.bks -storetype BKS -provider org.bouncycastle.jce.provider.BouncyCastleProvider


keytool -genkey -alias clientkey -validity 1 -keystore kclient.bks -storetype BKS -provider org.bouncycastle.jce.provider.BouncyCastleProvider




keytool -import -alias clientkey -file android.crt -keystore kclient.bks -storetype BKS


keytool -import -alias csswebkey -file ca.crt -keystore kclient.bks -storetype BKS


keytool -import -alias cakey -file ca.crt -keystore tclient.bks -storetype BKS
keytool -import -alias serverkey -file server.crt -keystore tclient.bks -storetype BKS


keytool -import -alias serverkey -file server.crt -keystore tclient.bks -storetype BKS


keytool -import -alias serverkey -file server.crt -keystore client.bks -storetype BKS -provider org.bouncycastle.jce.provider.BouncyCastleProvider



I had the same issue and here are the steps to properly create a custom keystore that can be used for debugging in eclipse:

Basically what you should do is that change both storepasswd and keypasswd for the alias androiddebugkey to "android".

here are the commands:

  1. keytool -changealias -keystore mykeystore.keystore -alias myalias -destalias androiddebugkey
  2. keytool -keypasswd -keystore mykeystore.keystore -alias androiddebugkey
  3. keytool -storepasswd -keystore mykeystore.keystore

ant 自动打包apk  

key.alias= 别名

此别名一开始以为可以随便写,后来多次尝试发现乱写打包一定不成功,此别名要与第一次生成签名时的别名一至,由于签名不是我申请的,申请签名的同事也忘记了签名的别名,如此只好找工具看一下签名的信息了,其实工具不用找了,在jdk中有

直接keytool -list  -v -keystore xxxx.keystore -storepass 密码  签名的信息就有了

 keytool -list -v -keystore keystoreName -storepass keystorePassword


你可能感兴趣的:(使用Java自带的keytool命令)