1. Keytool creates certificate
-
Remember to install Java JDK . If you have
java
the environment, you can perform the following operations.# 检查是否安装了 JDK $ java --version
-
Generate
.keystore
certificates, Keytool instructions are described in detail .# 指令参数解释 $ keytool -genkeypair -alias 别名 -keyalg RSA -keypass 密码 -validity 365(默认90天) -keystore server.keystore -storepass 密码 # 案例指令,可以拷贝直接运行,注意:记录好【别名】跟【密码】 $ keytool -genkeypair -alias dzm -keyalg RSA -keypass 123456 -validity 20000 -keystore ./server.keystore -storepass 123456 # 细节:如果指令带上 -keysize 1024(密钥位数) 参数会报错:(所以去掉) # 生成的证书 使用的 1024 位 RSA 密钥 被视为存在安全风险。此密钥大小将在未来的更新中被禁用。
-
-genkeypair
: Original-genkey
, changed after Java 1.6, indicating generating a key pair -
-alias
: Generate an alias. Each keystore will be associated with this unique alias. The alias is not case-sensitive. -
-keyalg
:Specify the algorithm for generating keys -
-keypass
: Specifies the password for the alias entry (the password for the private key) -
-sigalg
: Signature algorithm name -
-dname
: unique distinguished name, cn owner name, ou organizational unit name, o organization name, l city or region name, st state or province name, c two-letter country code -
-validity
:valid date -
-keystore
:Keystore name -
-storetype
:Keystore type -
-storepass
:Keystore password
-
-
View certificate
Verbose output:
$ keytool -list -v -keystore server.keystore -storepass 密码
RFC style output:
$ keytool -list -rfc -keystore server.keystore -storepass 密码
-
Export certificate
$ keytool -export -alias server -keystore server.keystore -file server.crt -storepass 密码
-
View export certificate
$ keytool -printcert -file server.crt
-
Client import certificate
$ keytool -import -alias server -keystore server.keystore -file server.crt
-
The above instructions are borrowed from Keytool to generate certificates .
2. Create a certificate in Android Studio
-
Open
Android Studio
and find on the menuBuild
:Attachment: What is the difference between Android App Bundle and APK
Create a new certificate, and enter
Password
the following information once, and it must be the same twice.Confirm
Android App
A signature file is required when packaging into an installation package, and the signature file formats generated by different compilers are also different.Eclipse
The signature file of is a file.ketstore
with as suffix;Android Studio
it is a file.jks
with as suffix. -
The created certificate can also
Keytool
be viewed using the above commandSHA1、SHA256
.
3. View certificate MD5 signature information
-
Now after
Keytool
displaying the certificate information, the value cannot be obtainedMD5
. You can check this article: Android keystore obtains MD5, signature information, etc. (including quick apps) in various ways .