How to add .crt file to keystore and trust store

I have a .crt file and I want to import it into a keystore and truststore using Java (first create the keystore and truststore, then import).

Below is the code that I am using:

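import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.net.URI;
import java.util.concurrent.CountDownLatch;
import java.util.logging.Logger;

import javax.websocket.ClientEndpoint;
import javax.websocket.CloseReason;
import javax.websocket.OnClose;
import javax.websocket.OnMessage;
import javax.websocket.OnOpen;
import javax.websocket.Session;

import org.glassfish.tyrus.client.ClientManager;
import org.glassfish.tyrus.client.ClientProperties;
import org.glassfish.tyrus.client.SslContextConfigurator;
import org.glassfish.tyrus.client.SslEngineConfigurator;

@ClientEndpoint
public class test {

    // Released when the session closes so that main() can return.
    private static CountDownLatch latch;

    private Logger logger = Logger.getLogger(this.getClass().getName());

    @OnOpen
    public void onOpen(Session session) {
        logger.info("Connected ... " + session.getId());
        try {
            session.getBasicRemote().sendText("start");
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    // Logs the server message and replies with the next line typed on stdin.
    @OnMessage
    public String onMessage(String message, Session session) {
        BufferedReader bufferRead = new BufferedReader(new InputStreamReader(System.in));
        try {
            logger.info("Received ...." + message);
            String userInput = bufferRead.readLine();
            return userInput;
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    @OnClose
    public void onClose(Session session, CloseReason closeReason) {
        logger.info(String.format("Session %s close because of %s", session.getId(), closeReason));
        // Without this, latch.await() in main() never returns.
        latch.countDown();
    }

    public static void main(String[] args) {
        latch = new CountDownLatch(1);
        ClientManager client = ClientManager.createClient();

        try {
            // wss:// needs a truststore that contains the server certificate.
            client.connectToServer(test.class, new URI("wss://x.x.x.x:8085"));
            latch.await();

        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

}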

I am using the Tyrus WebSocket client, so I need to add the following property:

    final ClientManager client = ClientManager.createClient();
    System.getProperties().put("javax.net.debug", "all");
    System.getProperties().put(SSLContextConfigurator.KEY_STORE_FILE, "...");
    System.getProperties().put(SSLContextConfigurator.TRUST_STORE_FILE, "...");
    System.getProperties().put(SSLContextConfigurator.KEY_STORE_PASSWORD, "...");
    System.getProperties().put(SSLContextConfigurator.TRUST_STORE_PASSWORD, "...");
    final SSLContextConfigurator defaultConfig = new SSLContextConfigurator();

    defaultConfig.retrieve(System.getProperties());
        // or setup SSLContextConfigurator using its API.

    SSLEngineConfigurator sslEngineConfigurator =
        new SSLEngineConfigurator(defaultConfig, true, false, false);
    client.getProperties().put(ClientProperties.SSL_ENGINE_CONFIGURATOR,
        sslEngineConfigurator);
    client.connectToServer(... , ClientEndpointConfig.Builder.create().build(),
        new URI("wss://localhost:8181/sample-echo/echo"));
    }

So, how can I create a keystore and truststore and import the .crt into them?

I solved the above problem by directly importing the .crt file into the Java keystore:

For importing into the Java keystore:

keytool -trustcacerts -keystore "/jdk/jre/lib/security/cacerts" -storepass changeit -importcert -alias testalias -file "/opt/ssl/test.crt"

By using the above command, the server certificate will be validated and the connection will be achieved. But if you want to create a new keystore and import the .crt into it, use the command below; it will create a keystore of type .jks.

For creating a keystore and importing the .crt:

keytool -import -alias testalias -file test.crt -keypass keypass -keystore test.jks -storepass test@123

Here:

keystore password : test@123
keypass : keypass

As some code will validate, and if you are using wss/https it will ask for keystore/truststore configuration, you can then use the configuration mentioned above in step 2 (creating a keystore and importing the .crt). Otherwise step 1 (importing into the Java keystore) is enough.
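
The same result as the second keytool command, done from Java as the question asks (an added example, not code from the original post): it reads the .crt, writes it into a new JKS truststore, and builds an SSLContext that trusts only that store instead of changing the JVM-wide cacerts. The class and method names are illustrative; the file names, alias and password are the sample values from the commands above.

```java
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

public class CrtToTrustStore {

    /** Loads an X.509 certificate (PEM or DER encoded) from a .crt file. */
    static X509Certificate readCertificate(Path crt) throws Exception {
        try (InputStream in = Files.newInputStream(crt)) {
            return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(in);
        }
    }

    /** Creates an empty JKS store, adds the certificate as a trusted entry and writes it to disk. */
    static KeyStore createTrustStore(X509Certificate cert, String alias, Path jks, char[] storePass)
            throws Exception {
        cert.checkValidity();  // refuse expired or not-yet-valid certificates
        KeyStore ks = KeyStore.getInstance("JKS");
        ks.load(null, null);   // null stream means "start with a new, empty store"
        ks.setCertificateEntry(alias, cert);
        try (OutputStream out = Files.newOutputStream(jks)) {
            ks.store(out, storePass);
        }
        return ks;
    }

    /** Builds an SSLContext whose trust decisions use only the entries of the given store. */
    static SSLContext trustOnly(KeyStore trustStore) throws Exception {
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null);  // no client key material, default randomness
        return ctx;
    }

    public static void main(String[] args) throws Exception {
        // File names, alias and password are the sample values from the keytool commands above.
        X509Certificate cert = readCertificate(Paths.get(args.length > 0 ? args[0] : "test.crt"));
        KeyStore ts = createTrustStore(cert, "testalias", Paths.get("test.jks"), "test@123".toCharArray());
        System.out.println("Trusted: " + cert.getSubjectX500Principal() + ", entries: " + ts.size());
        trustOnly(ts);  // fails here if the store cannot back a TLS trust manager
    }
}
```

The resulting test.jks can be listed with `keytool -list -keystore test.jks` and used as the truststore file in the client configuration shown in the question.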
