keytool命令的使用

## 打印所有证书指纹。如果是cacerts,则指本机安装的jdk的key store;如果是一个jks文件,则是其他key store
keytool -list -keystore <cacerts|xxx.jks> -storepass <changeit>
## 如果指定了-v选项,将以可读格式打印证书
keytool -list -v -keystore <cacerts|xxx.jks> -storepass <changeit>
## 如果指定了-rfc选项,将以可打印的编码格式输出证书
keytool -list -rfc -keystore <cacerts|xxx.jks> -storepass <changeit>
# [e.g.]
keytool -list -rfc -keystore C:\jdk1.7.0_141\jre\lib\security\cacerts -storepass changeit >> certs.cer

## 导入证书到cacerts中
keytool -import -alias <cert name> -keystore <cacerts> -file <xxx.cer>
# [e.g.]
keytool -import -alias tpsoauth -keystore C:\jdk1.7.0_141\jre\lib\security\cacerts -file C:\Users\me\Desktop\tpsoauth.cer

## 导入key store到cacerts中
keytool -importkeystore -srckeystore <xxx.jks> -srcstorepass changeit -destkeystore <cacerts> -deststorepass <changeit>
# [e.g.]
keytool -importkeystore -srckeystore C:\Users\me\Desktop\cers\DEV_cacerts.jks -srcstorepass changeit -destkeystore C:\jdk1.7.0_141\jre\lib\security\cacerts -deststorepass changeit

## 删除某个证书
keytool -delete -alias <cert name> -keystore <cacerts>
# [e.g.]
keytool -delete -alias tpsoauth -keystore C:\jdk1.7.0_141\jre\lib\security\cacerts

 

posted @ 2019-06-21 11:43  Storm_L  阅读(3306)  评论(0编辑  收藏  举报