[英]How to integrate SSL certificates to the cacerts file in /jre/security folder?
Recently our server got upgraded to SHA-256 based SSL certificate. 最近,我们的服务器已升级到基于SHA-256的SSL证书。 And from then we are facing
javax.naming.CommunicationException
. 从那时起,我们将面临
javax.naming.CommunicationException
。 In order to resolve this issue i need to add/append a set of Certificate Chain into CACERTS file under the path /usr/lib/jvm/jre/lib/security
of our server. 为了解决此问题,我需要在服务器的
/usr/lib/jvm/jre/lib/security
路径下的CACERTS文件中添加/添加一组证书链。
I found this link of SO which explains the steps to achieve this through a program. 我找到了SO的此链接 ,该链接解释了通过程序实现此目标的步骤。 Can any one suggest how to add these certificate chains into the cacerts file through linux commands.
谁能建议如何通过linux命令将这些证书链添加到cacerts文件中。
From the linux command prompt issue the command: 在linux命令提示符下发出命令:
/usr/lib/jvm/jre/bin/keytool -import -alias <> -file <> -keystore cacerts / usr / lib / jvm / jre / bin / keytool-导入-别名<>-文件<> -keystore cacerts
That command uses the Java keystore tool to import the new cert file into the existing cacerts file. 该命令使用Java密钥库工具将新的cert文件导入到现有的cacerts文件中。 The <> is whatever you want to call the cert.
<>是您要称为证书的任何名称。 The <> is the actual file you want imported.
<>是要导入的实际文件。
If you are prompted for a password, the default keystore password is 'changeit'. 如果提示您输入密码,则默认密钥库密码为“ changeit”。
Repeat for each new cert file you want added. 对要添加的每个新证书文件重复上述步骤。
You should use the keytool
utility from the Java distribution, in your case it should be under /usr/lib/jvm/bin directory. 您应该使用Java发行版中的
keytool
实用程序,在您的情况下,它应该位于/ usr / lib / jvm / bin目录下。
keytool -importcert -file your_cert_file_here \
-keystore /usr/lib/jvm/jre/lib/security/cacerts -storepass changeit
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.