## 打印所有证书指纹。如果是cacerts,则指本机安装的jdk的key store;如果是一个jks文件,则是其他key store keytool -list -keystore <cacerts|xxx.jks> -storepass <changeit> ## 如果指定了-v选项,将以可读格式打印证书 keytool -list -v -keystore <cacerts|xxx.jks> -storepass <changeit> ## 如果指定了-rfc选项,将以可打印的编码格式输出证书 keytool -list -rfc -keystore <cacerts|xxx.jks> -storepass <changeit> # [e.g.] keytool -list -rfc -keystore C:jdk1.7.0_141jrelibsecuritycacerts -storepass changeit >> certs.cer ## 导入证书到cacerts中 keytool -import -alias <cert name> -keystore <cacerts> -file <xxx.cer> # [e.g.] keytool -import -alias tpsoauth -keystore C:jdk1.7.0_141jrelibsecuritycacerts -file C:UsersmeDesktop psoauth.cer ## 导入key store到cacerts中 keytool -importkeystore -srckeystore <xxx.jks> -srcstorepass changeit -destkeystore <cacerts> -deststorepass <changeit> # [e.g.] keytool -importkeystore -srckeystore C:UsersmeDesktopcersDEV_cacerts.jks -srcstorepass changeit -destkeystore C:jdk1.7.0_141jrelibsecuritycacerts -deststorepass changeit ## 删除某个证书 keytool -delete -alias <cert name> -keystore <cacerts> # [e.g.] keytool -delete -alias tpsoauth -keystore C:jdk1.7.0_141jrelibsecuritycacerts