使用Java 8中的证书更新Java 6 cacerts [英] Updating java 6 cacerts with those from java 8

问题描述

Rackspace替换了过时的证书，我按照他们的指示使用keytool来更新Java 6的cacerts(没有成功)(keytool).

Rackspace replaced an outdated certificate, ive followed their instructions using keytool to update the cacerts for java 6 with no success (keytool).

起作用的只是将Java 6中的cacerts文件替换为Java 8中的cacerts文件.

What did work was just replacing the cacerts file from java 6 with one from java 8.

这可以吗?我认为两者之间的格式是相同的，并且只是在版本之间进行了更新.

Is this "OK" to do? i assume formats between the two are the same and they are simply updated between version.

如果这是一个愚蠢的问题，请提前道歉

Apologies in advance if this is a stupid question

推荐答案

我最初做过同样的事情，然后符号链接到Java 8文件.但是我的问题是在macOs High Sierra(10.13.x)上安装了Java 6.

I initially did the same thing, and then symlinked to the java 8 file. But my problem was that the java 6 installation on macOs High Sierra (10.13.x).

# store path to java 6 home
tmp $ j6Security=$(/usr/libexec/java_home -v '1.6*')/lib/security;

# show pre-update state
tmp $ ls -la  "$j6Security"
total 16
drwxr-xr-x  10 root  wheel    320 Jan 20 19:39 .
drwxr-xr-x  41 root  wheel   1312 Jan 20 19:39 ..
-rw-r--r--   1 root  wheel   2469 Jul 14  2015 US_export_policy.jar
lrwxr-xr-x   1 root  wheel     79 Jan 20 19:39 blacklist -> /System/Library/Java/Support/Deploy.bundle/Contents/Home/lib/security/blacklist
lrwxr-xr-x   1 root  wheel     81 Jan 20 19:39 cacerts -> /System/Library/Java/Support/CoreDeploy.bundle/Contents/Home/lib/security/cacerts
-rw-r--r--   1 root  wheel   3443 Jul 14  2015 java.policy
-rw-r--r--   1 root  wheel  13458 Jul 14  2015 java.security
-rw-r--r--   1 root  wheel   2486 Jul 14  2015 local_policy.jar
-rw-r--r--   1 root  wheel    347 Jul 14  2015 sunpkcs11-macosx.cfg
lrwxr-xr-x   1 root  wheel     87 Jan 20 19:39 trusted.libraries -> /System/Library/Java/Support/Deploy.bundle/Contents/Home/lib/security/trusted.libraries

# store path to current (i.e., switcher) home
tmp $ jXSecurity=/Library/Internet\ Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/security;

# replace (broken) j6 files with symlink to current files
tmp $ for file in blacklist cacerts trusted.libraries; do src="${jXSecurity}/${file}" tgt="${j6Security}/${file}"; test -f $tgt && sudo rm $tgt; sudo ln -s "$src" "$tgt"; done

# show post-update state
tmp $ ls -la "$j6Security"
total 16
drwxr-xr-x  10 root  wheel    320 Jan 20 20:33 .
drwxr-xr-x  41 root  wheel   1312 Jan 20 19:39 ..
-rw-r--r--   1 root  wheel   2469 Jul 14  2015 US_export_policy.jar
lrwxr-xr-x   1 root  wheel     87 Jan 20 20:33 blacklist -> /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/security/blacklist
lrwxr-xr-x   1 root  wheel     85 Jan 20 20:33 cacerts -> /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/security/cacerts
-rw-r--r--   1 root  wheel   3443 Jul 14  2015 java.policy
-rw-r--r--   1 root  wheel  13458 Jul 14  2015 java.security
-rw-r--r--   1 root  wheel   2486 Jul 14  2015 local_policy.jar
-rw-r--r--   1 root  wheel    347 Jul 14  2015 sunpkcs11-macosx.cfg
lrwxr-xr-x   1 root  wheel     95 Jan 20 20:33 trusted.libraries -> /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/security/trusted.libraries

如果我想固定j8，可以将jXSecurity=/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/security/trusted.libraries替换为j8Security=$(/usr/libexec/java_home -v '1.8*').此操作和复制文件(在本示例中已链接到文件)都可以正常工作.

If I wanted to pin j8, I would replace jXSecurity=/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/security/trusted.libraries with j8Security=$(/usr/libexec/java_home -v '1.8*'). Both this and copying the files (that I've symlinked in this example) worked fine.

(在我的情况下，已安装的符号链接(在"pre-update"输出中)指向不存在的文件.我的maven下载失败，并显示"peer not authenticated".对我的jdk6安装应用这些更改之后，一切开始再次工作.)

这篇关于使用Java 8中的证书更新Java 6 cacerts的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！