1.产生一个keystore:

keytool -genkey -alias myssl -keyalg RSA -keystore myssl.jks

运行这个命令,系统提示:

Enter keystore password:(输入keystore密码:) 
yourpassword(输入密码)

What is your first and last name?(您的名字与姓氏是什么?) 
[Unknown]: www.myssl.cn(输入申请的证书的域名)

What is the name of your organizational unit? (您的组织单位名称是什么?) 
[Unknown]:Fastcom(输入你所在组织单位的名字)

What is the name of your organization? (您的组织名称是什么?) 
[Unknown]:Fastcom (输入你所在组织的名字)

What is the name of your City or Locality?(您所在的城市或区域名称是什么?) 
[Unknown]:Shanghai(输入所在城市的名字)

What is the name of your State or Province? (您所在的州或省份名称是什么?) 
[Unknown]:Shanghai(输入所在省份名字)

What is the two-letter country code for this unit?(该单位的两字母国家代码是什么?) 
[Unknown]:CN(输入国家名字,如果是中国,请输入CN)

Is CN=www.myssl.cn, OU=fastcom, O=fastcom, L=Shanghai, ST=Shanghai, C=CN correct? [no]:
yes

2.检查一个keystore:

keytool -list -v -keystore myssl.jks

Enter keystore password:yourpassword(输入密码)

将显示keystore內容如下:

Keystore type: jks 
Keystore provider: SUN 
Your keystore contains 1 entry 
Alias name: myssl 
Creation date: Nov 24 , 2006 
Entry type: keyEntry 
Certificate chain length: 1 
Certificate[1]: 
Owner: CN=www.myssl.cn, OU=fatcom, O=fastcom, L=Shanghai, ST=Shanghai, C=CN 
Issuer: CN=www.myssl.cn, OU=fastcom, O=fastcom, L=Shanghai, ST=Shanghai, C=CN 
Serial number: 3c22adc1 
Valid from: Thu Nov 24 19:34:25 PST 2006 until: Thu Nov 24 19:34:25 PST 2007 
Certificate fingerprints: 
MD5: F1:5B:9B:A1:F7:16:CF:25:CF:F4:FF:35:3F:4C:9C:F0 
SHA1: B2:00:50:DD:B6:CC:35:66:21:45:0F:96:AA:AF:6A:3D:E4:03:7C:74

3.输出keystore到一个文件:testkey:

keytool -export -alias myssl -keystore myssl.jks -rfc -file testkey

系统输出:

Enter keystore password:your password(输入密码)

Certificate stored in file

4.输入证书到一个现有的keystore:

keytool -import -alias myssl -file testkey.cer -keystore myssl.jks 

Enter keystore password:your new password.(输入truststore新密码)

5.检查truststore:

keytool -list -v -keystore truststore

系统将显示truststore的信息.

posted on 2014-11-27 15:09  利刃  阅读(905)  评论(0编辑  收藏  举报