zoukankan      html  css  js  c++  java
  • keytool导入导出多条目对比【原】

    步骤一:生成orange.keystore和banana.keystore

    keytool -genkey -alias orange -keyalg RSA -keysize 1024 -keypass kingkp -storepass kingsp -validity 365 -keystore d:/research/keystore/orange.keystore
    后续输入6次orange,并按y确认生成
    keytool -genkey -alias banana -keyalg RSA -keysize 1024 -keypass kingkp -storepass kingsp -validity 365 -keystore d:/research/keystore/banana.keystore
    后续输入6次banana,并按y确认生成

    步骤二:从orange.keystore和banana.keystore导出orange.cer和banana.cer


    keytool -export -alias orange -keystore d:/research/keystore/orange.keystore -file d:/research/cer/orange.cer -storepass kingsp
    keytool -export -alias banana -keystore d:/research/keystore/banana.keystore -file d:/research/cer/banana.cer -storepass kingsp

    步骤三:复制orange.keystore并备份成orangeBak.keystore,等会用于比较

    步骤四:把banana.cer证书导入到orange.keystore


    keytool -import -file D:/research/cer/banana.cer -keystore D:/research/keystore/orange.keystore -alias banana

    C:Users35992>keytool -import -file D:/research/cer/banana.cer -keystore D:/research/keystore/orange.keystore -alias banana
    输入密钥库口令:
    所有者: CN=banana, OU=banana, O=banana, L=banana, ST=banana, C=banana
    发布者: CN=banana, OU=banana, O=banana, L=banana, ST=banana, C=banana
    序列号: 8c15102
    有效期开始日期: Thu Oct 12 08:44:59 CST 2017, 截止日期: Fri Oct 12 08:44:59 CST 2018
    证书指纹:
    MD5: E4:7F:69:12:B5:00:AF:21:B2:12:22:8B:38:3C:41:2E
    SHA1: DD:93:47:C3:10:83:4C:BA:9D:92:BD:69:61:56:71:78:7A:AA:F8:81
    SHA256: B4:3C:1E:0A:9B:9E:72:94:7B:04:74:49:F4:C9:EC:FB:32:8F:AE:26:FD:2D:46:39:A3:FA:FD:37:FE:49:F7:EF
    签名算法名称: SHA256withRSA
    版本: 3
    
    扩展:
    
    #1: ObjectId: 2.5.29.14 Criticality=false
    SubjectKeyIdentifier [
    KeyIdentifier [
    0000: 1F 3F 29 5F 87 23 C6 09 1D 2F DE 73 AD 8A CB 9E .?)_.#.../.s....
    0010: 5D 3B 69 E3 ];i.
    ]
    ]
    
    是否信任此证书? [否]: y
    证书已添加到密钥库中

    步骤四报错补充说明:
    以下导入会导致步骤四报错:因为orange.keystore中已存在orange.cer证书
    keytool -import -file D:/research/cer/orange.cer -keystore D:/research/keystore/orange.keystore -alias orange
    以下导入会导致步骤四报错:因为orange.cer中没有banana这个别名
    keytool -import -file D:/research/cer/banana.cer -keystore D:/research/keystore/orange.keystore -alias banana
    以下导入会导致步骤四报错:因为没有指定keystore文件
    keytool -import -file D:/research/cer/banana.cer -keystore D:/research/keystore/ -alias banana

    步骤五:比较旧keystore和新合并的keystore差异


    keytool -list -v -keystore d:/research/keystore/orangeBak.keystore -storepass kingsp
    keytool -list -v -keystore d:/research/keystore/orange.keystore -storepass kingsp

    显示结果如下:

    keytool -list -v -keystore d:/research/keystore/orangeBak.keystore -storepass kingsp

    C:Users35992>keytool -import -file D:/research/cer/banana.cer -keystore D:/research/keystore/orange.keystore -alias banana
    输入密钥库口令: kingkp
    所有者: CN=banana, OU=banana, O=banana, L=banana, ST=banana, C=banana
    发布者: CN=banana, OU=banana, O=banana, L=banana, ST=banana, C=banana
    序列号: 8c15102
    有效期开始日期: Thu Oct 12 08:44:59 CST 2017, 截止日期: Fri Oct 12 08:44:59 CST 2018
    证书指纹:
    MD5: E4:7F:69:12:B5:00:AF:21:B2:12:22:8B:38:3C:41:2E
    SHA1: DD:93:47:C3:10:83:4C:BA:9D:92:BD:69:61:56:71:78:7A:AA:F8:81
    SHA256: B4:3C:1E:0A:9B:9E:72:94:7B:04:74:49:F4:C9:EC:FB:32:8F:AE:26:FD:2D:46:39:A3:FA:FD:37:FE:49:F7:EF
    签名算法名称: SHA256withRSA
    版本: 3
    
    扩展:
    
    #1: ObjectId: 2.5.29.14 Criticality=false
    SubjectKeyIdentifier [
    KeyIdentifier [
    0000: 1F 3F 29 5F 87 23 C6 09 1D 2F DE 73 AD 8A CB 9E .?)_.#.../.s....
    0010: 5D 3B 69 E3 ];i.
    ]
    ]
    
    是否信任此证书? [否]: y
    证书已添加到密钥库中
    
     
    
    C:Users35992>keytool -list -v -keystore d:/research/keystore/orangeBak.keystore -storepass kingsp
    
    密钥库类型: JKS
    密钥库提供方: SUN
    
    您的密钥库包含 1 个条目
    
    别名: orange
    创建日期: 2017-10-12
    条目类型: PrivateKeyEntry
    证书链长度: 1
    证书[1]:
    所有者: CN=orange, OU=orange, O=orange, L=orange, ST=orange, C=orange
    发布者: CN=orange, OU=orange, O=orange, L=orange, ST=orange, C=orange
    序列号: 49190147
    有效期开始日期: Thu Oct 12 08:44:41 CST 2017, 截止日期: Fri Oct 12 08:44:41 CST 2018
    证书指纹:
    MD5: 33:8A:CA:1D:85:73:7B:98:FC:57:3B:AC:BA:B7:72:55
    SHA1: 8C:BB:15:8D:DD:0A:10:85:C7:A5:AB:41:82:66:60:02:F6:80:46:6C
    SHA256: 26:2D:2D:3B:65:14:63:AB:89:C7:72:9D:3A:29:C7:C2:8F:0B:DD:71:F1:76:E3:70:82:8E:C1:08:EF:8D:AE:D4
    签名算法名称: SHA256withRSA
    版本: 3
    
    扩展:
    
    #1: ObjectId: 2.5.29.14 Criticality=false
    SubjectKeyIdentifier [
    KeyIdentifier [
    0000: F5 E0 C4 5E B5 84 3D B8 F8 1E 25 DB 80 20 E8 94 ...^..=...%.. ..
    0010: AE C3 27 1B ..'.
    ]
    ]
    
     
    
    *******************************************
    *******************************************

    keytool -list -v -keystore d:/research/keystore/orange.keystore -storepass kingsp

    C:Users35992>keytool -list -v -keystore d:/research/keystore/orange.keystore -storepass kingsp
    
    密钥库类型: JKS
    密钥库提供方: SUN
    
    您的密钥库包含 2 个条目
    
    别名: banana
    创建日期: 2017-10-12
    条目类型: trustedCertEntry
    
    所有者: CN=banana, OU=banana, O=banana, L=banana, ST=banana, C=banana
    发布者: CN=banana, OU=banana, O=banana, L=banana, ST=banana, C=banana
    序列号: 8c15102
    有效期开始日期: Thu Oct 12 08:44:59 CST 2017, 截止日期: Fri Oct 12 08:44:59 CST 2018
    证书指纹:
    MD5: E4:7F:69:12:B5:00:AF:21:B2:12:22:8B:38:3C:41:2E
    SHA1: DD:93:47:C3:10:83:4C:BA:9D:92:BD:69:61:56:71:78:7A:AA:F8:81
    SHA256: B4:3C:1E:0A:9B:9E:72:94:7B:04:74:49:F4:C9:EC:FB:32:8F:AE:26:FD:2D:46:39:A3:FA:FD:37:FE:49:F7:EF
    签名算法名称: SHA256withRSA
    版本: 3
    
    扩展:
    
    #1: ObjectId: 2.5.29.14 Criticality=false
    SubjectKeyIdentifier [
    KeyIdentifier [
    0000: 1F 3F 29 5F 87 23 C6 09 1D 2F DE 73 AD 8A CB 9E .?)_.#.../.s....
    0010: 5D 3B 69 E3 ];i.
    ]
    ]
    
     
    
    *******************************************
    *******************************************
    
    
    别名: orange
    创建日期: 2017-10-12
    条目类型: PrivateKeyEntry
    证书链长度: 1
    证书[1]:
    所有者: CN=orange, OU=orange, O=orange, L=orange, ST=orange, C=orange
    发布者: CN=orange, OU=orange, O=orange, L=orange, ST=orange, C=orange
    序列号: 49190147
    有效期开始日期: Thu Oct 12 08:44:41 CST 2017, 截止日期: Fri Oct 12 08:44:41 CST 2018
    证书指纹:
    MD5: 33:8A:CA:1D:85:73:7B:98:FC:57:3B:AC:BA:B7:72:55
    SHA1: 8C:BB:15:8D:DD:0A:10:85:C7:A5:AB:41:82:66:60:02:F6:80:46:6C
    SHA256: 26:2D:2D:3B:65:14:63:AB:89:C7:72:9D:3A:29:C7:C2:8F:0B:DD:71:F1:76:E3:70:82:8E:C1:08:EF:8D:AE:D4
    签名算法名称: SHA256withRSA
    版本: 3
    
    扩展:
    
    #1: ObjectId: 2.5.29.14 Criticality=false
    SubjectKeyIdentifier [
    KeyIdentifier [
    0000: F5 E0 C4 5E B5 84 3D B8 F8 1E 25 DB 80 20 E8 94 ...^..=...%.. ..
    0010: AE C3 27 1B ..'.
    ]
    ]
    
     
    
    *******************************************
    *******************************************

     对比后可以看到新的密钥库已经变成了2个条目的keystore

    我的其它相关链接

    keytool导入导出多条目对比

    java keytool证书工具使用小结【转】

  • 相关阅读:
    揭开Future的神秘面纱——任务取消
    阻塞队列和生产者-消费者模式
    ExecutorService——<T> Future<T> submit(Callable<T> task)
    ExecutorService接口概要
    Executor简介
    使用显式的Lock对象取代synchronized关键字进行同步
    SingleThreadExecutor(单线程执行器)
    后台线程(daemon)
    加入一个线程
    计算机网络的一些英文缩写词
  • 原文地址:https://www.cnblogs.com/whatlonelytear/p/7654689.html
Copyright © 2011-2022 走看看