转载:import certificate into public key store

原文地址:(http://alvinalexander.com/java/java-using-keytool-import-certificate-keystore

Java keytool import FAQ: Can you share some examples of the Java keytool import command and process?

When you're working with Java public and private keys, there may be a time when someone else says, "Here is a certificate. Import it into your public key keystore, and then you can do XYZ", where "XYZ" can be a variety of things, including reading their document, using their Java application, etc. To do this you need to use the Java keytool import command.

In this example I'll assume that you have just received a keytool certificate file from another person, and you want to import the information in that certificate file into your public keystore file.

Java keytool import - Import a certificate into a public keystore

Assuming that you've been given a certificate file named "certfile.cer" which contains an alias named "foo", you can import it into a public keystore named "publicKey.store" with the following keytool import command:

This import command can be read as:

  • Read from the certfile file named certfile.cer.
  • Look in that file for an alias named "foo".
  • If you find the alias "foo", import the information into the keystore named "publicKey.store".
  • Note: The file publicKey.store may already exist, in which case the public key for "foo" will be added to that keystore file; otherwise, publicKey.store will be created.

Java keytool import - a complete example

Here's the actual input and output from a Java keytool import example. Hopefully you can use the description I just provided to understand how this command works:

A few important points here about this output:

  • The alias used here (publicCertFromAl) does not have to correspond to the alias used when the private key keystore and certificate file were created.
  • The password shown above is the password for the keystore named publicKey.store.

因为对tomcat下ssl的运作机制不太熟悉,只是在工作中遇到了这个问题,所以转载这篇文章,以做记录。原文所在的网站里还有很多关于keytool的详尽内容,有需要的可以浏览一下,主人看起来还是很厉害的样子。

发表回复

您的电子邮箱地址不会被公开。 必填项已用*标注

此站点使用Akismet来减少垃圾评论。了解我们如何处理您的评论数据