怎么查看证书里是不是包含私钥和公钥

1. 怎么查看证书里是不是包含私钥和公钥

运行下面命令查看

openssl pkcs12 -nodes -in <your certification>

结果

Enter Import Password:
MAC verified OK
Bag Attributes
    localKeyID: 4A 21 25 53 55 78 D2 4E D6 A2 26 A5 EB 57 68 38 D0 6B C6 81 
subject=/C=US/O=Citigroup Inc./OU=160109/OU=160109/CN=aspenmarkets_160109
issuer=/C=US/O=Citigroup Inc./CN=Citi Device CA1 G2 DEV
-----BEGIN CERTIFICATE-----
 here is public key
-----END CERTIFICATE-----
Bag Attributes
    localKeyID: 4A 21 25 53 55 78 D2 4E D6 A2 26 A5 EB 57 68 38 D0 6B C6 81 
Key Attributes: <No Attributes>
-----BEGIN PRIVATE KEY-----
here is private key
-----END PRIVATE KEY-----

有下面的注解就说明你的文件里包含私钥

-----BEGIN PRIVATE KEY-----
here is private key
-----END PRIVATE KEY-----

总结

一般后缀是.p12的文件里既包含私钥也包含公钥。

其它

1. 查看keystore里面的内容

keytool -list -keystore SSLTrust.jks -storetype JCEKS -storepass "password"

结果

Keystore type: JCEKS
Keystore provider: SunJCE
 
Your keystore contains 13 entries
 
xxxx, Feb 25, 2021, trustedCertEntry, 
Certificate fingerprint (SHA-256): xxxxx

或者

Keystore type: JCEKS
Keystore provider: SunJCE
 
Your keystore contains 1 entry
 
server, Aug 4, 2022, PrivateKeyEntry, 

PrivateKeyEntry 说明这个证书包含私钥