CA.pl -genca
CA.pl -newreq-nodes
CA.pl -sign
一切都OK, 没有报任何错误!
最后, 用 keytool 将 Ca 证书 cacert.pem 导入到证书库,
keytool -import -keystore mycacerts.keystore -storepass abc123 -alias ca1 -file cacert.pem
执行失败, 错误信息如下:
keytool错误: java.lang.Exception: 所输入的不是一个 X.509 认证
CA.p -genca 生成的CA 证书 cacert.pem 内容如下:
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
bc:d3:75:72:1f:77:fd:c8
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=AU, ST=HK, O=O, OU=OU, CN=CA/emailAddress=ca@ca.com
Validity
Not Before: Jul 22 09:02:13 2007 GMT
Not After : Jul 21 09:02:13 2010 GMT
Subject: C=AU, ST=HK, O=O, OU=OU, CN=CA/emailAddress=ca@ca.com
Subject Public Key Info:
Publ