将证书作为 PrivateKeyEntry 导入 [英] Import certificate as PrivateKeyEntry
问题描述
我正在 Tomcat 服务器上安装 SSL,并按照发行者的这些说明进行操作 https://knowledge.rapidssl.com/support/ssl-certificate-support/index?page=content&actp=CROSSLINK&id=SO16181 并指出:
I am installing SSL on a Tomcat server and am following these instructions from the issuer https://knowledge.rapidssl.com/support/ssl-certificate-support/index?page=content&actp=CROSSLINK&id=SO16181 and it states:
Verify the following information:
The SSL certificate is imported into the alias with the "Entry Type" of
PrivateKeyEntry or KeyEntry. If not, please import the certificate into
the Private Key alias.
当我导入我使用的证书 (tomcat) 时:
When I import the certificate (tomcat) I am using:
keytool -import -trustcacerts -alias your_alias_name -keystore your_keystore_filename
-file your_certificate_filename
但是当我这样做时,它会作为 trustCertEntry 导入
but when I do so it imports as trustCertEntry
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 3 entries
primaryca, Jul 26, 2014, trustedCertEntry,
Certificate fingerprint (SHA1): <snip>
tomcat, Jul 26, 2014, trustedCertEntry,
Certificate fingerprint (SHA1): <snip>
secondaryca, Jul 26, 2014, trustedCertEntry,
Certificate fingerprint (SHA1): <snip>
如何将别名 tomcat 导入为 PrivateKeyEntry?
How can I make alias tomcat import as PrivateKeyEntry?
推荐答案
去掉 -trustcacerts
选项.它不是 CA 证书.这是您的证书.并使用私钥已有的相同别名.
Get rid of the -trustcacerts
option. It isn't a CA certificate. It's your certificate. And use the same alias the private key already had.
这篇关于将证书作为 PrivateKeyEntry 导入的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!