openssl fails to produce a pfx with a valid alias

╄→гoц情女王★ 提交于 2019-12-03 17:15:31

问题


I am trying to generate a pfx file to use as a signing mechanism for some JAR files as per these instructions.

To create the pfx file I am using the following command

openssl pkcs12 -export -in my-cert.crt -inkey my-priv-key.key -certfile my-ca-bundle -out my-pfx.pfx

This command successfully generates me a pfx file, however, when I try to find the alias using the following command

keytool -list -storetype pkcs12 -keystore my-pfx.pfx -v | grep Alias

I get the following response

Alias name: 2

According to the note linked above (and other research I have done) the Alias returned should look something like this

le-d491f28f-ee7b-40e2-b1a7-2b7c3a71979a

If I try to use the Alias value I am getting (e.g. 2) using the following command

jarsigner -keystore my-pfx.pfx -storetype PKCS12 jacob.jar 2

which results in the following error message

jarsigner: Certificate chain not found for: 2.  2 must reference a valid KeyStore key entry containing a private key and corresponding public key certificate chain.

I am totally stumped as to why I am not getting a correct alias.. Any helpful suggestions ?

Thanks


回答1:


Try using option -name "alias" with command openssl pkcs12.

So, the full command may look like (the rest of options were taken from your question):

openssl pkcs12 -export -in my-cert.crt -inkey my-priv-key.key -certfile my-ca-bundle -out my-pfx.pfx -name "alias"


来源:https://stackoverflow.com/questions/21138420/openssl-fails-to-produce-a-pfx-with-a-valid-alias

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!