如何导入Java密钥库中的现有x509证书和私钥以在SSL中使用? [英] How to import an existing x509 certificate and private key in Java keystore to use in SSL?
问题描述
我在activemq配置中有这个
I have this in activemq config
<sslContext>
<sslContext keyStore="file:/home/alex/work/amq/broker.ks"
keyStorePassword="password" trustStore="file:${activemq.base}/conf/broker.ts"
trustStorePassword="password"/>
</sslContext>
我有一对x509证书和密钥文件
I have a pair of x509 cert and a key file
如何导入这两个用于ssl和ssl + stomp连接器?我可以谷歌的所有例子总是自己生成密钥,但我已经有了密钥。
How do I import those two to be used in ssl and ssl+stomp connectors? All examples i could google always generate the key themselves, but I already have a key.
我试过了
keytool -import -keystore ./broker.ks -file mycert.crt
但这仅导入证书而不是密钥文件并导致
but this only imports the certificate and not the key file and results in
2009-05-25 13:16:24,270 [ localhost:61612]错误TransportConnector - 无法接受连接:没有可用的证书或密钥对应于已启用的SSL密码套件。
I尝试连接证书和密钥但得到相同的结果
I have tried concatenating the cert and the key but got the same result
如何导入密钥?
推荐答案
相信与否,keytool不提供将私钥导入密钥库等基本功能。您可以通过将PKSC12文件与私钥合并到密钥库来尝试此解决方法。
Believe or not, keytool does not provide such basic functionality like importing private key to keystore. You can try this workaround with merging PKSC12 file with private key to a keystore.
或者只是使用更友好的用户 KeyMan 用于密钥库处理而不是keytool.exe。
Or just use more user-friendly KeyMan from IBM for keystore handling instead of keytool.exe.
这篇关于如何导入Java密钥库中的现有x509证书和私钥以在SSL中使用?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!