问题
Apologies for my lack of understanding of certificates in general. I have a .p12 file (with a non-expired certificate) and a valid password so I can list the contents using:
keytool -list -keystore file.p12 -storepass password -storetype PKCS12 -v
In my Java code I am attempting an HTTPS post but keep getting this error:
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No name matching [host.path.com] found
This same post works against one of my other environments which does not have any authentication required and the link is HTTP (vs. HTTPS). How do I make this .p12 file work for it to be recognized in the handshake?
回答1:
You could use the following command
keytool -v -importkeystore -srckeystore alice.p12 -srcstoretype PKCS12 -destkeystore "c:\Program Files\Java\jre1.8.0_71\lib\security\cacerts" -deststoretype JKS
Default password for your cacerts will be changeit
Where trust store will be your JRE trust store
Please refer here for more information http://www.webfarmr.eu/2010/04/import-pkcs12-private-keys-into-jks-keystores-using-java-keytool/
来源:https://stackoverflow.com/questions/36778525/how-to-add-a-p12-keystore-with-one-entry