发表新帖
发表新帖

Newbie keytool command — how to update cert already added to keystore?

后端 未结
关注
1 839
执笔经年
执笔经年 2021-01-02 07:34

I have a self-signed cert for my linux email server exim. To enable my Java functions to access this email server via GlassFish, I originally issued:

# keyto
相关标签:
1条回答
  • 执念已碎
    2021-01-02 07:46

    Probably the simplest way would be to have keytool delete the original cert and generate a new cert with the same information. A good way to get around this, if you have a small VM you can spare for it is to install EJBCA. It's kinda clunky, but EJBCA is a free, open source CA server written in Java. You can create your own fake CA certs, user certs, server certs, etc. that all have trust chains. Plus it's pretty good for quickly generating a new JKS file for you when you reissue a certificate after one's expired.

    To delete:

    keytool -delete -keystore myfile.jks -alias 'alias_from_keytool_-list'

    0 讨论(0)
 看不清?
提交回复
热议问题