Alibabacloud.com offers a wide variety of articles about java keytool import certificate, easily find your java keytool import certificate information here online.
credentials JRE environment, not the JDK, which is often mistaken.Three. Import the certificate step:1. Locate the JRE1) The OA application of Machine B is deployed directly in Tomcat>>> Independent JREIf you choose to install the JRE at the same time when installing the JDK, the system runs on a separate JRE.Why? Because the program automatically helps you to add the JRE's java.exe to the system variables
Tutorial: http://www.cnblogs.com/getherBlog/p/3930317.htmlSeveral commands are used:Keytool-genkeypair-alias certificatekey -keyalg rsa-validity 7-keystore Keystore.jksKeytool-export-alias Certificatekey-key Store Keystore.jks-rfc-file selfcert.cerKeytool-Import -alias certificatekey-file selfcert.cer-keystore Truststore.jksWith administrator privileges, enter the appropriate content, these three commands can generate two SSL key files, Keystore.jks
: keyentryCertificate Chain Length: 1Certificate [1]:Owner: Cn = yourname, ou = your organization, O = "your organization name ",L = your city name, St = your province name, c = CnIssuer: Cn = Duke, ou = Java software, O = "Sun Microsystems, Inc.", L = Palo Alto, St = Ca, c = usSerial number: 3c22adc1Valid from: Thu DEC 20 19:34:25 PST 2001 until: Thu Dec 27 19:34:25 PST 2001Certificate fingerprints:MD5: F1: 5b: 9B: A1: F7: 16: Cf: 25: Cf: F4: FF: 35:
GlobalSign website, select the PKCS #7 format certificate (PKCS #7 Certificate Chain), which contains your certificate and root certificate chain, Keytool requires this format certificate, save the
the second is extended verification. Certification Bodies (CAS) provide more advanced security certifications through extended verification. Key storage zones of all mainstream browsers contain root and extended verification information so that they can authenticate the reliability of specific applications.
Certificate hierarchy
I hope you have understood the general idea. Let's code it now.Products Used
IDE:Netbeans 7.2
a trust certificate to java:1. Export the cer format file of the certificate from the chrome browser;
2. Import the cer certificate to the java certificate trust libraryD: Program Fil
Before building the Java code implementation, we need to complete the production of the certificate.1. Generate the Keystroe fileExecute the following command at the command line:
Keytool-genkey-validity 36000-alias jlxrsa-keyalg rsa-keystore d:\jlxrsz.keystore
which-genkey indicates that the key is generated-validity Specify the
certificate in the file. In Sunjsse, a trust manager class is responsible for deciding whether to trust a remote certificate, which has the following processing rules:1 if the system attribute javax.net.sll.trustStore specifies the Truststore file, then the trust manager will go to the lib/security/directory under the JRE installation path to look for and use this file to check the
KeyStore in the format:Keytool-exportcert-alias [domain]-1-keystore jssecacerts-storepass changeit-file [domain name].cer# Keytool-exportcert-alias www.test.abcd.com-1-keystore jssecacerts-storepass changeit-file Www.test.abcd.com.Certificate stored in file 4. Import the certificate into the system KeyStore in the following format:Keytool-importcert-alias [domai
Java https server certificate authentication Solution
"Unable to find valid certification path to requested target", "PKIX path building failed" error for Java https connectionCause
This problem occurs because the Java root certificate library does not contain the root
: Genkeypair: Generates a pair of asymmetric keys;-alias: Specifies the alias of the key pair, which is exposed;-KEYALG: Specifies the cryptographic algorithm, in this case, the common RAS encryption algorithm;-keystore: The path and name of the KeyStore, If not specified, by default, the password for a ". KeyStore" file in the operating system's user directory must be at least 6 characters, can be a pure number or a combination of letters or numbers and letters, and so on, you specify "first a
Click 1. Use Google Chrome to open the URL you want to visit, click the Small lock icon next to the URL2. Click Certificates3. Click Copy to file in the details and follow the steps4. The next step is to use the Keytool tool to package the certificate into the store format, and then enter the KeyStore password for a series of operations to get Ttt.store (own name)5. Then jmeter the option--"SSL manager to
, and a level certificate can also issue a secondary certificate to other users if allowed. Take windows, ie as an example (ie shared the certificate in Windows System), after Windows is installed, the system has trusted the root certificate of some authoritative certificate
One: The package that needs to be includedImport java.security.*;Import java.io.*;Import java.util.*;Import java.security.*;Import java.security.cert.*;Import sun.security.x509.*Import Java.security.cert.Certificate;
certificate based on the certificate in the file. In Sunjsse, there is a trust manager class responsible for deciding whether to trust the remote certificate, which has the following processing rules:1) If the system attribute javax.net.sll.trustStore specifies the Truststore file, then trust manager will go to the lib/security/directory under the JRE installati
With Certificate:
Getting Tomcat SSL (HTTPS) Working1.Create a certificate keystore containing a single self-signed certificate by executing the Follo Wing command. Specify a password value of "Changeit". Note, this command creates both the certificate and the KeyStore
Windows: Enter in the%java_home%/bin/directory:
use Java to access this HTTPS site. Therefore, if you use Java to access an HTTPS resource and find that the certificate is untrusted, you will be quoted the error at the beginning of the article.
How to solve the problem1) Import the certificate into the JDK's trust
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.