如何仅使用 keytool 导出所有中间证书,包括根证书 [英] How to export the all intermediate certs including root certificates using keytool only
问题描述
我正在尝试配置 SSL 并从服务器团队获取 .pfx 文件.证书链长度:2
I am Trying to configure SSL and got the .pfx file from server team. The Certificate chain length: 2
当我尝试使用 keytool 导出证书链时,仅导出第一个证书.
When i am trying to export the certificate chain using keytool, only the first certificate is exported.
试图找出在发出 keytool 命令时我是否遗漏了任何其他参数.
Trying to figure out if there is any other parameters i am missing while issuing keytool command.
我使用的命令是:
1) pfx 不支持转换为 JKS 作为别名
1) converting to JKS as alias name is not supported with pfx
keytool -importkeystore -srckeystore "serverauth.pfx" -srcstoretype pkcs12 -destkeystore "serverauth.jks"
2) 尝试使用以下方法导出证书.
2) Tried to Export certificates using the below.
keytool -export -alias 1 -keystore "serverauth.jks" -rfc -file "authclient.cert"
但上面的命令只生成第一个证书.
But above command generates only first cert.
如果我删除整个别名选项,则会出错
If i remove entire alias option, getting error
keytool error: java.lang.Exception: Alias <1> does not exist
有没有其他流程.
推荐答案
这适用于 Java 8 以将整个证书链导出到文件:
This works in Java 8 to export the whole certificate chain to a file:
keytool -list -alias yourcert -keystore /path/to/keystore -rfc
格式与 export 相同,只是它转储了整个链.你失去了 -file 选项,但你可以简单地使用 >
Same format as export except it dumps the whole chain. You lose out on the -file option, but you can simply redirect to a file using >
这篇关于如何仅使用 keytool 导出所有中间证书,包括根证书的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!