https certificate generation steps:
1. Generate key
Generate key ( jks file), the code here is to generate a "zinc_server.jks" key.
1 |
|
Parameter description:
genkey creates a default file ".keystore" in the user's home directory, and also generates an alias of mykey, which contains the user's public key, private key and Certificate
alias: Generate an alias
keystore: Specify the name of the keystore
validity: Specify how many days the created certificate is valid
storepass: Specify the password Keystore password (password required to obtain keystore information)
keyalg: Specify the key algorithm (such as: RSA, DSA; if not specified, DSA is used by default)
More parameters :
keysize: Specify the key length
keypass: Specify the password of the alias entry (password of the private key)
dname: Specify the certificate owner information
list: Display the certificate information in the key store
1 |
|
v: Display the certificate details in the key store
1 |
|
2. Issue the certificate
The zinc_server.jks key in Section 1 is used here to issue the zinc_server.cer certificate
1 |
|
3. Generate the certificate set bks used by Android
In Android You need to use the certificate set in bks format, so if you use it in Android, you need to convert the certificate generated in section 2. Use the following command
1 |
|
If you use the above command, you may encounter an exception that the BouncyCastleProvider class cannot be found. At this time, you need to configure the environment a little
Enter bouncycastle official website to download The corresponding jdk version. Place the downloaded jar package in the path of your jdk installation/Contents/Home/jre/lib/ext, and try again.
4. Convert jks to bks
The content of this section is because some apps need to perform two-way verification and need to The client's key is placed in the app.
The above is the detailed content of https certificate generation steps. For more information, please follow other related articles on the PHP Chinese website!