无法将证书导入 java 控制面板
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/21691373/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Cannot import certificate into java control panel
提问by Raymond Holguin
I am trying to import a self-signed certificate into the trusted certificates in the java control panel. it is under the security tab-> Manage Certificates. No matter how simple the password is i set on the keystore, the import program always tells me my password is invalid after i type it in. I have also tried changing the certificate type but no luck..li tried all of them. Here are the simple steps i used to create my files
我正在尝试将自签名证书导入 java 控制面板中的受信任证书。它位于安全选项卡-> 管理证书下。无论我在密钥库上设置的密码多么简单,导入程序总是在我输入密码后告诉我密码无效。我也尝试过更改证书类型但没有运气..li 尝试了所有这些。这是我用来创建文件的简单步骤
keytool -genkey -keyalg RSA -keysize 2048 -keystore test_keystore.jks -alias test
Then I generate my CSR file which the java control panel takes as an input
然后我生成我的 CSR 文件,java 控制面板将其作为输入
keytool -certreq -alias test -keystore test_keystore.jks -file test_certificate_request.csr
Since this is just a test, the passwords I am setting are super simple so its not an issue of using the wrong password or typing it incorrectly. Yet every time i import the test_certificate_request.csr file i created it it tells me invalid password.
由于这只是一个测试,我设置的密码非常简单,所以这不是使用错误密码或输入错误的问题。然而,每次我导入我创建的 test_certificate_request.csr 文件时,它都会告诉我密码无效。
In case it matters, here is the full strack trace generated from the import program when i click on the "more information" button.
如果重要,这里是当我单击“更多信息”按钮时从导入程序生成的完整跟踪跟踪。
java.io.IOException: toDerInputStream rejects tag type 45
at sun.security.util.DerValue.toDerInputStream(Unknown Source)
at sun.security.pkcs12.PKCS12KeyStore.engineLoad(Unknown Source)
at java.security.KeyStore.load(Unknown Source)
at com.sun.deploy.panel.CertificatesDialog.importPKCS12Certificate(Unknown Source)
at com.sun.deploy.panel.CertificatesDialog.importButtonActionPerformed(Unknown Source)
at com.sun.deploy.panel.CertificatesDialog.access0(Unknown Source)
at com.sun.deploy.panel.CertificatesDialog.actionPerformed(Unknown Source)
at javax.swing.AbstractButton.fireActionPerformed(Unknown Source)
at javax.swing.AbstractButton$Handler.actionPerformed(Unknown Source)
at javax.swing.DefaultButtonModel.fireActionPerformed(Unknown Source)
at javax.swing.DefaultButtonModel.setPressed(Unknown Source)
at javax.swing.plaf.basic.BasicButtonListener.mouseReleased(Unknown Source)
at java.awt.AWTEventMulticaster.mouseReleased(Unknown Source)
at java.awt.Component.processMouseEvent(Unknown Source)
at javax.swing.JComponent.processMouseEvent(Unknown Source)
at java.awt.Component.processEvent(Unknown Source)
at java.awt.Container.processEvent(Unknown Source)
at java.awt.Component.dispatchEventImpl(Unknown Source)
at java.awt.Container.dispatchEventImpl(Unknown Source)
at java.awt.Component.dispatchEvent(Unknown Source)
at java.awt.LightweightDispatcher.retargetMouseEvent(Unknown Source)
at java.awt.LightweightDispatcher.processMouseEvent(Unknown Source)
at java.awt.LightweightDispatcher.dispatchEvent(Unknown Source)
at java.awt.Container.dispatchEventImpl(Unknown Source)
at java.awt.Window.dispatchEventImpl(Unknown Source)
at java.awt.Component.dispatchEvent(Unknown Source)
at java.awt.EventQueue.dispatchEventImpl(Unknown Source)
at java.awt.EventQueue.access0(Unknown Source)
at java.awt.EventQueue.run(Unknown Source)
at java.awt.EventQueue.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.ProtectionDomain.doIntersectionPrivilege(Unknown Source)
at java.security.ProtectionDomain.doIntersectionPrivilege(Unknown Source)
at java.awt.EventQueue.run(Unknown Source)
at java.awt.EventQueue.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.ProtectionDomain.doIntersectionPrivilege(Unknown Source)
at java.awt.EventQueue.dispatchEvent(Unknown Source)
at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
at java.awt.WaitDispatchSupport.run(Unknown Source)
at java.awt.WaitDispatchSupport.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.awt.WaitDispatchSupport.enter(Unknown Source)
at java.awt.Dialog.show(Unknown Source)
at java.awt.Component.show(Unknown Source)
at java.awt.Component.setVisible(Unknown Source)
at java.awt.Window.setVisible(Unknown Source)
at java.awt.Dialog.setVisible(Unknown Source)
at com.sun.deploy.panel.SecurityPanel.certsBtnActionPerformed(Unknown Source)
at com.sun.deploy.panel.SecurityPanel.access0(Unknown Source)
at com.sun.deploy.panel.SecurityPanel.actionPerformed(Unknown Source)
at javax.swing.AbstractButton.fireActionPerformed(Unknown Source)
at javax.swing.AbstractButton$Handler.actionPerformed(Unknown Source)
at javax.swing.DefaultButtonModel.fireActionPerformed(Unknown Source)
at javax.swing.DefaultButtonModel.setPressed(Unknown Source)
at javax.swing.plaf.basic.BasicButtonListener.mouseReleased(Unknown Source)
at java.awt.AWTEventMulticaster.mouseReleased(Unknown Source)
at java.awt.Component.processMouseEvent(Unknown Source)
at javax.swing.JComponent.processMouseEvent(Unknown Source)
at java.awt.Component.processEvent(Unknown Source)
at java.awt.Container.processEvent(Unknown Source)
at java.awt.Component.dispatchEventImpl(Unknown Source)
at java.awt.Container.dispatchEventImpl(Unknown Source)
at java.awt.Component.dispatchEvent(Unknown Source)
at java.awt.LightweightDispatcher.retargetMouseEvent(Unknown Source)
at java.awt.LightweightDispatcher.processMouseEvent(Unknown Source)
at java.awt.LightweightDispatcher.dispatchEvent(Unknown Source)
at java.awt.Container.dispatchEventImpl(Unknown Source)
at java.awt.Window.dispatchEventImpl(Unknown Source)
at java.awt.Component.dispatchEvent(Unknown Source)
at java.awt.EventQueue.dispatchEventImpl(Unknown Source)
at java.awt.EventQueue.access0(Unknown Source)
at java.awt.EventQueue.run(Unknown Source)
at java.awt.EventQueue.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.ProtectionDomain.doIntersectionPrivilege(Unknown Source)
at java.security.ProtectionDomain.doIntersectionPrivilege(Unknown Source)
at java.awt.EventQueue.run(Unknown Source)
at java.awt.EventQueue.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.ProtectionDomain.doIntersectionPrivilege(Unknown Source)
at java.awt.EventQueue.dispatchEvent(Unknown Source)
at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.run(Unknown Source)
What am i doing wrong?
我究竟做错了什么?
采纳答案by divanov
keytool -certreqcreates certificate request also known as PKCS#10, which should be provided to Certificate Authority to get a real certificate. Then you upload it to the tool, which expects certificate.
keytool -certreq创建证书请求,也称为 PKCS#10,应将其提供给证书颁发机构以获取真实证书。然后将其上传到需要证书的工具。
From these lines in the stacktrace
从堆栈跟踪中的这些行
at java.security.KeyStore.load(Unknown Source)
at com.sun.deploy.panel.CertificatesDialog.importPKCS12Certificate(Unknown Source)
I can tell that UI actually expects keystore in PKCS#12 format with certificate inside, not just a separate certificate.
我可以说 UI 实际上需要 PKCS#12 格式的密钥库,里面有证书,而不仅仅是一个单独的证书。
This is how you can generate a keystore with self-signed certificate with a keytool
这是您如何使用自签名证书生成密钥库 keytool
keytool -genkey -keyalg RSA -alias selfsigned -keystore keystore.jks \
-storepass password -validity 360 -keysize 2048
However, this will create keystore in JKS format and that have to be converted to PKCS#12 format with a command
但是,这将创建 JKS 格式的密钥库,并且必须使用命令将其转换为 PKCS#12 格式
keytool -importkeystore -srckeystore keystore.jks -srcstoretype JKS \
-deststoretype PKCS12 -destkeystore keystore.p12
or alternatively keystore can be created in PKCS#12 format with specifying -storetype
或者,可以通过指定以 PKCS#12 格式创建密钥库 -storetype
keytool -genkey -keyalg RSA -alias selfsigned -keystore keystore.p12 \
-storetype pkcs12 -storepass password -validity 360 -keysize 2048
Note that the keystore contains self-singed certificate together with the corresponding private key.
请注意,密钥库包含自签名证书以及相应的私钥。
