keytool -printcert -sslserver 10.10.192.90:8443 -rfc >nexus.crt
通过 openssl 将 证书转换为 .pem格式的
通过以下命令, 转换为 .pem格式
openssl x509 -in a.cer -out a.pem
openssl version -d
get the directory, add the content to the tail of the files.
- AIX, OpenSSL 0.9.6 (from OpenSSH support packages) /var/ssl/
- Centos 3 / 4, OpenSSL 0.9.7 /usr/share/ssl/
- Cygwin, OpenSSL 0.9.6 /usr/ssl/
- Debian Woody (3.0), OpenSSL 0.9.6 /etc/ssl/
- Debian Sarge (3.1), OpenSSL 0.9.7 /etc/ssl/
- Debian Etch (4.0), OpenSSL 0.9.8 /etc/ssl/
- Debian Lenny (5.0), OpenSSL 0.9.8 /etc/ssl/
- Debian Squeeze (6.0), OpenSSL 0.9.8o /etc/ssl/
- FreeBSD, OpenSSL 0.9.8 /etc/ssl/
- FreeBSD, OpenSSL 0.9.x (custom complile) /usr/local/openssl/
- Gentoo, OpenSSL 0.9.6 /usr/lib/ssl/
- Gentoo, OpenSSL 0.9.7 /etc/ssl/
- Mac OS X 10.1.2, OpenSSL 0.9.6b /System/Library/OpenSSL/
- Mandrake 7.1 -> 8.2, OpenSSL 0.9.6 /usr/lib/ssl/
- NetBSD, OpenSSL 0.9.x /etc/openssl/
- Nokia N900 Maemo 5, OpenSSL 0.9.8n /etc/ssl/
- Normal OpenSSL Tarball Build, OpenSSL 0.9.6 /usr/local/ssl/
- OpenBSD, OpenSSL 0.9.x /etc/ssl/
- Redhat 6.2 / 7.x / 8.0 / 9, OpenSSL 0.9.6 /usr/share/ssl/
- Redhat Enterprise 3 / 4, OpenSSL 0.9.7 /usr/share/ssl/
- Redhat Enterprise 6, OpenSSL 1.0.0 /etc/pki/tls/
- Redhat Fedora Core 2 / 3, OpenSSL 0.9.7 /usr/share/ssl/
- Redhat Fedora Core 4, OpenSSL 0.9.7 /etc/pki/tls/
- Redhat Fedora Core 5 / 6, OpenSSL 0.9.8 /etc/pki/tls/
- Slackware, OpenSSL 0.9.6 /etc/ssl/
- SuSE 7.3 / 8.0, OpenSSL 0.9.6 /usr/share/ssl/
- SuSE 8.1 / 8.2, OpenSSL 0.9.6 /etc/ssl/
- Ubuntu Maverick (10.10), OpenSSL 0.9.8o /etc/ssl/
- Ubuntu Precise (12.04), OpenSSL 1.0.1 /etc/ssl/
centos
---
Install the ca-certificates package:
yum install ca-certificates
Enable the dynamic CA configuration feature:
update-ca-trust enable
Add it as a new file to /etc/pki/ca-trust/source/anchors/:
cp foo.crt /etc/pki/ca-trust/source/anchors/
Use command:
update-ca-trust extract