堆栈内存溢出
  简体   繁体   English

Python 和 JDK SSL 证书

[英]Python and JDK SSL certificate

 原文  2014-01-07 09:39:40       python/ keytool

问题描述

I was wondering if anyone has ever dealt with importing SSL certificate into JAVA using python, like we do using keytool.我想知道是否有人曾经处理过使用 python 将 SSL 证书导入 JAVA,就像我们使用 keytool 一样。

A bash script can do but i was just wondering if there is a module that can do more gracefully. bash 脚本可以做,但我只是想知道是否有一个模块可以做得更优雅。

Thanks谢谢

2 个解决方案

解决方案1
 2  2014-05-02 12:59:16

您可以尝试pyjks ,但我不知道它是否可以写入 JKS 密钥库或只是读取它们。

解决方案2
 0  2019-12-16 13:39:18

I have this small script to import certificates:我有这个小脚本来导入证书:

#!/bin/bash

#set -xeuo pipefail
set -xe

##cert file location
cert_location=/path/to/Certificates
TIMESTAMP=$(date +%Y-%m-%d_%H-%M-%S)

##check if directory exist
if [ -d "$cert_location" ]; then
    echo -e "\033[31;7m Directory $cert_location exists. \e[0m"
else
    echo -e "\033[31;7m Directory $cert_location does NOT exists. \e[0m"
    return 1 2>/dev/null
    exit 1
fi

# define file array
cd $cert_location
files=(*)


# Use for loop iterate through an array
# $f stores current value
for f in "${files[@]}"; do
    ##check fi alias already in use
    echo -e "\033[31;7m Directory Certificate name $f. \e[0m"
    alias_name=$(keytool -list -keystore /u01/jdk/jre/lib/security/cacerts -storepass JAVA_PASSWORD | grep $f | awk -F, '{print $1}')
    if [ -z "$alias_name" ]; then
        echo -e "\033[31;7m $f will be installed \e[0m"
        scp -r -i private_key -o 'StrictHostKeyChecking no' $cert_location/"$f" "${SSH_SOA}":./deploy/"$f"
        echo -e "\033[31;7mLoading the $f file  \e[0m"
        keytool -import -v -trustcacerts -alias "$f_$TIMESTAMP" -file ./deploy/"$f" -keystore /u01/app/oracle/middleware/wlserver/server/lib/DemoTrust.jks -storepass KEYSTORE_PASSWORD -noprompt | true
        keytool -import -v -trustcacerts -alias "$f_$TIMESTAMP" -file ./deploy/"$f" -keystore /u01/jdk/jre/lib/security/cacerts -storepass JAVA_PASSWORD -noprompt | true
        keytool -import -v -trustcacerts -alias "$f_$TIMESTAMP" -file ./deploy/"$f" -keystore /u01/app/oracle/middleware/wlserver/server/lib/cacerts -storepass JAVA_PASSWORD -noprompt | true
        keytool -import -v -trustcacerts -alias "$f_$TIMESTAMP" -file ./deploy/"$f" -keystore /u01/data/domains/intsoaol_domain/security/DemoIdentity.jks -storepass JAVA_PASSWORD -noprompt | true
    else
        echo -e "\033[31;7m $alias_name Alias already in use \e[0m"
    fi
done

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Python正则表达式到SSL证书 - Python Regex to SSL Certificate python中的ssl证书身份验证 - ssl certificate authentication in python 具有ssl证书的imaplib python - imaplib python with ssl certificate 卡夫卡 Python SSL 证书 - KAFKA Python SSL Certificate Python Twisted SSL的证书生成 - Certificate Generation for Python Twisted SSL 在Python中禁用SSL证书验证 - Disable SSL certificate validation in Python Python:Ssl 证书验证失败 - Python: Ssl Certificate verify failed Python 3 SSL 抢不到证书 - Python 3 SSL cannot grab certificate python请求验证SSL证书 - python requests verify SSL certificate 将 SSL 证书与 Python 正则表达式分开 - Separating SSL Certificate with Python RegEx
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM