본문으로 바로가기

이번 글에서는 JKS Keystore를 PKCS12 Keystore로 변환하는 방법과 KPCS12 Keystore의 암호를 변경하는 방법을 설명합니다.

 

1. JKS Keystore를 PKCS12 Keystore로 변환

[root@localhost]# keytool -importkeystore -srckeystore keystore.jks -destkeystore aaaaaa.pfx -srcstoretype JKS -deststoretype PKCS12 -deststorepass newpassword
Importing keystore keystore to aaaaaa.pfx...
Enter source keystore password:
Entry for alias root successfully imported.
Entry for alias alias successfully imported.
Entry for alias chain successfully imported.
Import command completed:  3 entries successfully imported, 0 entries failed or cancelled

Warning:
<root> uses the SHA1withRSA signature algorithm which is considered a security risk. This algorithm will be disabled in a future update.



2. PKCS12 Keystore 내용확인

[root@localhost]# keytool -list -v -keystore aaaaaa.pfx -storetype PKCS12
Enter keystore password:  
Keystore type: PKCS12
Keystore provider: SUN

Your keystore contains 3 entries

Alias name: alias
Creation date: Mar 31, 2023
Entry type: PrivateKeyEntry
Certificate chain length: 3
Certificate[1]:

 

3. PKCS12 Keystore를 PEM으로 변환

[root@localhost]# openssl pkcs12 -nodes -in aaaaaa.pfx -out aaaaaa.plain.pem
Enter Import Password:

 

 

4. PEM을 PKCS12 Keystore로 변환

[root@localhost]# openssl pkcs12 -export -in aaaaaa.plain.pem -out aaaaaa.2nd.pfx
Enter Export Password:
Verifying - Enter Export Password:

 

 

728x90