如何在 Eclipse 中向 SonarLint 添加证书 [英] How to add certificates to SonarLint in Eclipse

问题描述

连接我的 SonarQube 服务器需要证书.我已经安装了 SonarLint 插件，但它没有任何选项可以添加证书来连接我的 SonarQube 服务器.它只有 URL、用户名、密码选项.有没有办法设置证书?

A certificate is required to connect my SonarQube server. I have installed the SonarLint plugin, but it does not have any option to add certificates to connect my SonarQube server. It has only URL, username , password options. Is there any way to set certificates ?

推荐答案

SonarLint 不允许配置证书，但可以将证书添加到 JRE 或 JDK.

SonarLint does not permit the configuration of certificates, but you can add certificate to JRE or JDK.

https://docs.oracle.com/javase/tutorial/security/toolsign/rstep2.html

从 Oracle 文档中复制的文本:

Copied text from the Oracle documentation:

在您可以授予签名代码读取指定文件的权限之前，您需要将 Susan 的证书作为可信证书导入您的密钥库中.

Before you can grant the signed code permission to read a specified file, you need to import Susan's certificate as a trusted certificate in your keystore.

假设你收到了来自苏珊的消息

Suppose that you have received from Susan

• 签名的 JAR 文件 sCount.jar，其中包含 Count.class 文件，以及
• Example.cer 文件，其中包含与用于签署 JAR 文件的私钥对应的公钥的公钥证书.

• the signed JAR file sCount.jar, which contains the Count.class file, and
• the file Example.cer, which contains the public key certificate for the public key corresponding to the private key used to sign the JAR file.

即使您创建了这些文件并且它们实际上并没有被传输到任何地方，您也可以模拟创建者和发送者 Susan 之外的其他人.假装你现在是雷.作为 Ray，您将创建一个名为 exampleraystore 的密钥库，并使用它将证书导入到别名为 susan 的条目中.

Even though you created these files and they haven't actually been transported anywhere, you can simulate being someone other than the creater and sender, Susan. Pretend that you are now Ray. Acting as Ray, you will create a keystore named exampleraystore and will use it to import the certificate into an entry with an alias of susan.

每当您使用 keytool 命令指定尚不存在的密钥库时，都会创建一个密钥库.因此，我们可以创建 exampleraystore 并通过单个 keytool 命令导入证书.在命令窗口中执行以下操作.

A keystore is created whenever you use a keytool command specifying a keystore that doesn't yet exist. Thus we can create the exampleraystore and import the certificate via a single keytool command. Do the following in your command window.

1. 转到包含公钥证书文件Example.cer的目录.(实际上您应该已经在那里了，因为本课假定您始终在一个目录中.)
2. 在一行中键入以下命令:

1. Go to the directory containing the public key certificate file Example.cer. (You should actually already be there, since this lesson assumes that you stay in a single directory throughout.)
2. Type the following command on one line:

keytool -import -alias susan -file Example.cer -keystore exampleraystore

由于密钥库尚不存在，它将被创建，并提示您输入密钥库密码；输入你想要的任何密码.

Since the keystore doesn't yet exist, it will be created, and you will be prompted for a keystore password; type whatever password you want.

keytool 命令将打印出证书信息并要求您进行验证，例如，将显示的证书指纹与从另一个(受信任的)信息来源获得的证书指纹进行比较.(每个指纹都是一个相对较短的数字，可以唯一可靠地识别证书.)例如，在现实世界中，您可能会打电话给 Susan 并询问她的指纹应该是什么.她可以通过执行命令获取她创建的Example.cer文件的指纹

The keytool command will print out the certificate information and ask you to verify it, for example, by comparing the displayed certificate fingerprints with those obtained from another (trusted) source of information. (Each fingerprint is a relatively short number that uniquely and reliably identifies the certificate.) For example, in the real world you might call up Susan and ask her what the fingerprints should be. She can get the fingerprints of the Example.cer file she created by executing the command

keytool -printcert -file Example.cer

如果她看到的指纹和keytool报告给你的指纹一样，说明证书在传输过程中没有被修改过.在这种情况下，您让 keytool 继续在密钥库中放置受信任的证书条目.该条目包含来自文件 Example.cer 的公钥证书数据，并被分配了别名 susan.

If the fingerprints she sees are the same as the ones reported to you by keytool, the certificate has not been modified in transit. In that case you let keytool proceed with placing a trusted certificate entry in the keystore. The entry contains the public key certificate data from the file Example.cer and is assigned the alias susan.

这篇关于如何在 Eclipse 中向 SonarLint 添加证书的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！