如何将SSL证书集成到/ jre / security文件夹中的cacerts文件?
[英]How to integrate SSL certificates to the cacerts file in /jre/security folder?
问题描述
Recently our server got upgraded to SHA-256 based SSL certificate. 
最近,我们的服务器已升级到基于SHA-256的SSL证书。 And from then we are facing javax.naming.CommunicationException . 从那时起,我们将面临javax.naming.CommunicationException 。 In order to resolve this issue i need to add/append a set of Certificate Chain into CACERTS file under the path /usr/lib/jvm/jre/lib/security of our server. 为了解决此问题,我需要在服务器的/usr/lib/jvm/jre/lib/security路径下的CACERTS文件中添加/添加一组证书链。
I found this link of SO which explains the steps to achieve this through a program. 我找到了SO的此链接 ,该链接解释了通过程序实现此目标的步骤。 Can any one suggest how to add these certificate chains into the cacerts file through linux commands. 谁能建议如何通过linux命令将这些证书链添加到cacerts文件中。
2 个解决方案
解决方案1
1 已采纳 2015-05-27 10:49:24
From the linux command prompt issue the command: 在linux命令提示符下发出命令:
/usr/lib/jvm/jre/bin/keytool -import -alias <> -file <> -keystore cacerts / usr / lib / jvm / jre / bin / keytool-导入-别名<>-文件<> -keystore cacerts
That command uses the Java keystore tool to import the new cert file into the existing cacerts file. 该命令使用Java密钥库工具将新的cert文件导入到现有的cacerts文件中。 The <> is whatever you want to call the cert. <>是您要称为证书的任何名称。 The <> is the actual file you want imported. <>是要导入的实际文件。
If you are prompted for a password, the default keystore password is 'changeit'. 如果提示您输入密码,则默认密钥库密码为“ changeit”。
Repeat for each new cert file you want added. 对要添加的每个新证书文件重复上述步骤。
解决方案2
0 2015-05-27 10:45:23
You should use the keytool utility from the Java distribution, in your case it should be under /usr/lib/jvm/bin directory. 您应该使用Java发行版中的keytool实用程序,在您的情况下,它应该位于/ usr / lib / jvm / bin目录下。
keytool -importcert -file your_cert_file_here \
-keystore /usr/lib/jvm/jre/lib/security/cacerts -storepass changeit
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.