将证书作为 PrivateKeyEntry 导入 [英] Import certificate as PrivateKeyEntry

问题描述

我正在 Tomcat 服务器上安装 SSL，并按照发行者的这些说明进行操作 https://knowledge.rapidssl.com/support/ssl-certificate-support/index?page=content&actp=CROSSLINK&id=SO16181 并指出:

I am installing SSL on a Tomcat server and am following these instructions from the issuer https://knowledge.rapidssl.com/support/ssl-certificate-support/index?page=content&actp=CROSSLINK&id=SO16181 and it states:

Verify the following information:

The SSL certificate is imported into the alias with the "Entry Type" of 
PrivateKeyEntry or KeyEntry.  If not, please import the certificate into 
the Private Key alias.

当我导入我使用的证书 (tomcat) 时:

When I import the certificate (tomcat) I am using:

keytool -import -trustcacerts -alias your_alias_name -keystore your_keystore_filename
-file your_certificate_filename

但是当我这样做时，它会作为 trustCertEntry 导入

but when I do so it imports as trustCertEntry

Keystore type: JKS
Keystore provider: SUN

Your keystore contains 3 entries

primaryca, Jul 26, 2014, trustedCertEntry,
Certificate fingerprint (SHA1): <snip>
tomcat, Jul 26, 2014, trustedCertEntry,
Certificate fingerprint (SHA1):  <snip>
secondaryca, Jul 26, 2014, trustedCertEntry,
Certificate fingerprint (SHA1):  <snip>

如何将别名 tomcat 导入为 PrivateKeyEntry?

How can I make alias tomcat import as PrivateKeyEntry?

推荐答案

去掉 -trustcacerts 选项.它不是 CA 证书.这是您的证书.并使用私钥已有的相同别名.

Get rid of the -trustcacerts option. It isn't a CA certificate. It's your certificate. And use the same alias the private key already had.

这篇关于将证书作为 PrivateKeyEntry 导入的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！