合并2个.jks信任库文件 [英] Merge 2 .jks truststore files
问题描述
我正在使用已启用SSL的Tomcat,并使用信任库进行客户端身份验证.
I am using a Tomcat that is SSL enabled, using truststores for client authentication.
我有两个.jks trustore文件.
I have two .jks trustore files.
首先,我将其用于PROD环境,将其用于TEST环境客户端证书.
The first, I use it for the PROD environment and the other for the TEST environment client certificates.
我在Tomcat上部署了Web应用程序,直到现在,我还是在配置中设置了上述文件之一(根据环境而定).
I deploy the web application, on a Tomcat and until now i was setting one of the above files in the configuration (according to the environment).
是否可以将这些文件合并到一个将接受PROD和TEST环境的客户端证书的.jks信任库中?
Is it possible i can merge those files into one .jks truststore that will accept client certificates both for PROD and TEST environments?
我需要提及的是,我拥有两个信任库的密码.
I need to mention that i have the passwords for both truststores.
谢谢!
推荐答案
您可以使用keytool的-importkeystore
选项将条目从一个密钥库/信任库导入到另一个:
You can use the -importkeystore
option of keytool to import an entry from one keystore/truststore to another:
keytool -importkeystore -srckeystore test.jks -destkeystore common.jks -srcalias myRootCA -destalias myRootCA_TEST -srcstorepass **** -deststorepass ****
keytool -importkeystore -srckeystore prod.jks -destkeystore common.jks -srcalias myRootCA -destalias myRootCA_PROD -srcstorepass **** -deststorepass ****
然后common.jks将包含两个CA以验证客户端证书.但是,可能还需要重新配置该应用程序.
The common.jks will then contain both CA to validate the client certificates. However, the application may also need to be reconfigured.
这篇关于合并2个.jks信任库文件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!