利用java的keytool创建keystore和证书认证
--创建keystore
C:/>keytool -genkey -keystore c:/serverstore/serverstore -keyalg RSA -keysize 512 -validity 3650 -alias server -storepass "123456" -keypass "123456"
您的名字与姓氏是什么?
[Unknown]: oatest
您的组织单位名称是什么?
[Unknown]: yc
您的组织名称是什么?
[Unknown]: ycoa
您所在的城市或区域名称是什么?
[Unknown]: shanghai
您所在的州或省份名称是什么?
[Unknown]: shanghai
该单位的两字母国家代码是什么
[Unknown]: zh
CN=oatest, OU=yc, O=ycoa, L=shanghai, ST=shanghai, C=zh 正确吗?
[否]: y
--查看keystore内容
C:/>keytool -list -keystore c:/serverstore/serverstore
--创建keystore认证文件
C:/>keytool -certreq -keystore c:/serverstore/serverstore -alias server -file c:/serverstore/serverreq
输入keystore密码: 123456
--导入数字链文件
C:/>keytool -import -trustcacerts -keystore V:/bea/jdk142_05/jre/lib/security/ca
certs -alias root -file c:/serverstore/root.cer
输入keystore密码: changeit
Owner: CN=NETCA Test Root, O=NETCA Test Certificate Authority, C=CN
发照者: CN=NETCA Test Root, O=NETCA Test Certificate Authority, C=CN
序号: 1
有效期间: Tue May 08 08:00:00 CST 2001 至: Thu May 08 08:00:00 CST 2031
认证指纹:
MD5: CC:22:5F:FE:62:EF:92:D3:5C:2F:0F:85:48:94:71:49
SHA1: 05:94:68:E9:E1:7E:EE:00:71:99:A9:D6:CC:09:90:D7:71:24:A7:FE
信任这个认证? [否]: y
认证已添加至keystore中
C:/>keytool -import -trustcacerts -keystore V:/bea/jdk142_05/jre/lib/security/ca
certs -alias ca -file c:/serverstore/ca.cer
输入keystore密码: changeit
认证已添加至keystore中
C:/>keytool -import -keystore V:/bea/jdk142_05/jre/lib/security/cacerts -alias s
erver -file c:/serverstore/server.cer
输入keystore密码: changeit
Owner: CN=VeriSign Trial Secure Server CA - G2, OU=Terms of use at https://www.v
erisign.com/cps/testca (c)09, OU="For Test Purposes Only. No assurances.", O="V
eriSign, Inc.", C=US
发照者: CN=VeriSign Trial Secure Server Root CA - G2, OU="For Test Purposes Onl
y. No assurances.", O="VeriSign, Inc.", C=US
序号: 7e3bb784bbc654abd2b8d677ecc394a8
有效期间: Wed Apr 01 08:00:00 CST 2009 至: Mon Apr 01 07:59:59 CST 2019
认证指纹:
MD5: 71:13:D9:3A:CD:21:F2:EE:9F:59:17:8D:A6:F9:AE:14
SHA1: BE:D1:D1:4E:25:A7:94:36:83:9E:4B:A7:CD:84:48:96:B7:0A:7F:B0
信任这个认证? [否]: y
认证已添加至keystore中
以上在本地计算机上验证通过