发表新帖
发表新帖

Import StartCom CA certificates in Windows JRE

后端 未结
关注
4 1800
星月不相逢
星月不相逢 2021-02-02 00:02

I have a Java application accessing a service that uses a StartCom SSL certificate. For this to work, I need to add the StartCom CA certs to Java\'s truststore, because they\'re

相关标签:
4条回答
  • 北海茫月
    2021-02-02 00:17

    Yes, -trustcacerts is the right syntax.

    But for the linked script to work under Cygwin you need to remove sudo from all keytool lines - sudo is unavailable in Cygwin.

    0 讨论(0)
  • 深忆病人
    2021-02-02 00:30

    Remove -trustcacerts

    0 讨论(0)
  • 执笔经年
    2021-02-02 00:31

    On Mac OS X Mavericks 10.9 I did this:

    I always make a tmp directory that I delete later, but you don’t have to:

    mkdir ~/tmp
cd ~/tmp

    Then download the certs:

    curl http://www.startssl.com/certs/ca.crt -O
curl http://www.startssl.com/certs/sub.class1.server.ca.crt -O
curl http://www.startssl.com/certs/sub.class2.server.ca.crt -O
curl http://www.startssl.com/certs/sub.class3.server.ca.crt -O
curl http://www.startssl.com/certs/sub.class4.server.ca.crt -O

    Get your Java home:

    $ /usr/libexec/java_home
/Library/Java/JavaVirtualMachines/jdk1.7.0_45.jdk/Contents/Home

    Use keytool to install it:

    sudo keytool -import -trustcacerts -keystore /Library/Java/JavaVirtualMachines/jdk1.7.0_45.jdk/Contents/Home/jre/lib/securitycacerts -storepass changeit -noprompt -alias startcom.ca -file ca.crt

sudo keytool -import -trustcacerts -keystore /Library/Java/JavaVirtualMachines/jdk1.7.0_45.jdk/Contents/Home/jre/lib/security/cacerts -storepass changeit -noprompt -alias startcom.ca.sub.class1 -file sub.class1.server.ca.crt

sudo keytool -import -trustcacerts -keystore /Library/Java/JavaVirtualMachines/jdk1.7.0_45.jdk/Contents/Home/jre/lib/securitycacerts -storepass changeit -noprompt -alias startcom.ca.sub.class2 -file sub.class2.server.ca.crt

sudo keytool -import -trustcacerts -keystore /Library/Java/JavaVirtualMachines/jdk1.7.0_45.jdk/Contents/Home/jre/lib/securitycacerts -storepass changeit -noprompt -alias startcom.ca.sub.class3 -file sub.class3.server.ca.crt

sudo keytool -import -trustcacerts -keystore /Library/Java/JavaVirtualMachines/jdk1.7.0_45.jdk/Contents/Home/jre/lib/securitycacerts -storepass changeit -noprompt -alias startcom.ca.sub.class4 -file sub.class4.server.ca.crt
    0 讨论(0)
  • 夕颜
    2021-02-02 00:34

    It was a simple typo. In converting the command I forgot a dash before "trustcacerts". :(

    0 讨论(0)
 看不清?
提交回复
热议问题