Create keystore in p12 format from JKS (nc need PEM) keytool -importkeystore -srckeystore keystore.jks -destkeystore keystore.p12 -srcstoretype jks -deststoretype pkcs12
Export private key and cert to PEM openssl pkcs12 -in keystore.p12 -nokeys -out ~/cert.pem openssl pkcs12 -in keystore.p12 -out ~/key.pem
Run nc with --ssl options (need password for private key) echo "stat" | nc --ssl --ssl-cert ~/cert.pem --ssl-key ~/key.pem zookeeper_host port make your file with private key secured (correct file permission, not read for group and all) and encrypted!
1条答案
按热度按时间pieyvz9o1#
Using Zookeeper with mTLS and ncat 4lw
keytool -importkeystore -srckeystore keystore.jks -destkeystore keystore.p12 -srcstoretype jks -deststoretype pkcs12
openssl pkcs12 -in keystore.p12 -nokeys -out ~/cert.pem openssl pkcs12 -in keystore.p12 -out ~/key.pem
echo "stat" | nc --ssl --ssl-cert ~/cert.pem --ssl-key ~/key.pem zookeeper_host port
make your file with private key secured (correct file permission, not read for group and all) and encrypted!