Java 合并 2 个 .jks 信任库文件
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/19912067/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Merge 2 .jks truststore files
提问by nikkatsa
I am using a Tomcat that is SSL enabled, using truststores for client authentication.
我正在使用启用 SSL 的 Tomcat,使用信任库进行客户端身份验证。
I have two .jks trustore files.
我有两个 .jks trustore 文件。
The first, I use it for the PROD environment and the other for the TEST environment client certificates.
第一个,我将它用于 PROD 环境,另一个用于 TEST 环境客户端证书。
I deploy the web application, on a Tomcat and until now i was setting one of the above files in the configuration (according to the environment).
我在 Tomcat 上部署了 Web 应用程序,直到现在我在配置中设置了上述文件之一(根据环境)。
Is it possible i can merge those files into one .jks truststore that will accept client certificates both for PROD and TEST environments?
我是否可以将这些文件合并到一个 .jks 信任库中,该信任库将接受 PROD 和 TEST 环境的客户端证书?
I need to mention that i have the passwords for both truststores.
我需要提一下,我有两个信任库的密码。
Thanks!
谢谢!
回答by Jcs
You can use the -importkeystoreoption of keytool to import an entry from one keystore/truststore to another:
您可以使用-importkeystorekeytool 选项将条目从一个密钥库/信任库导入到另一个:
keytool -importkeystore -srckeystore test.jks -destkeystore common.jks -srcalias myRootCA -destalias myRootCA_TEST -srcstorepass **** -deststorepass ****
keytool -importkeystore -srckeystore prod.jks -destkeystore common.jks -srcalias myRootCA -destalias myRootCA_PROD -srcstorepass **** -deststorepass ****
The common.jks will then contain both CA to validate the client certificates. However, the application may also need to be reconfigured.
然后 common.jks 将包含两个 CA 以验证客户端证书。但是,应用程序也可能需要重新配置。
