How to generate certificates and keys

Generate openssl key

1
ssh-keygen -t rsa -b 2048 -C "devg@nroad.com.cn" -f mars-jwt-rs256.key

Generate certificate

1
openssl req -newkey rsa:2048 -nodes -keyout key.pem -x509 -days 3650 -out certificate.pem -key mars-jwt-rs256.key

Export private key and certificate to pkcs12 key store

1
openssl pkcs12 -export -name mars-jwt-cert -in certificate.pem -inkey mars-jwt-rs256.key -out mars-jwt-rs256.p12

Import from pkcs12 keystore to java key store

1
keytool --importkeystore --destkeystore mars.jks -srckeystore mars-jwt-rs256.p12 -srcstoretype pkcs12 -alias mars-jwt-cert

(Optional) Convert imported java keystore to pkcs12 type

1
keytool -importkeystore -srckeystore mars.jks -destkeystore mars.jks -deststoretype pkcs12

Export public key from private key

1
openssl rsa  -pubout -in mars-jwt-rs256.key > mars-jwt.pub