keytool命令的使用
## 打印所有证书指纹。如果是cacerts,则指本机安装的jdk的key store;如果是一个jks文件,则是其他key store keytool -list -keystore <cacerts|xxx.jks> -storepass <changeit> ## 如果指定了-v选项,将以可读格式打印证书 keytool -list -v -keystore <cacerts|xxx.jks> -storepass <changeit> ## 如果指定了-rfc选项,将以可打印的编码格式输出证书 keytool -list -rfc -keystore <cacerts|xxx.jks> -storepass <changeit> # [e.g.] keytool -list -rfc -keystore C:\jdk1.7.0_141\jre\lib\security\cacerts -storepass changeit >> certs.cer ## 导入证书到cacerts中 keytool -import -alias <cert name> -keystore <cacerts> -file <xxx.cer> # [e.g.] keytool -import -alias tpsoauth -keystore C:\jdk1.7.0_141\jre\lib\security\cacerts -file C:\Users\me\Desktop\tpsoauth.cer ## 导入key store到cacerts中 keytool -importkeystore -srckeystore <xxx.jks> -srcstorepass changeit -destkeystore <cacerts> -deststorepass <changeit> # [e.g.] keytool -importkeystore -srckeystore C:\Users\me\Desktop\cers\DEV_cacerts.jks -srcstorepass changeit -destkeystore C:\jdk1.7.0_141\jre\lib\security\cacerts -deststorepass changeit ## 删除某个证书 keytool -delete -alias <cert name> -keystore <cacerts> # [e.g.] keytool -delete -alias tpsoauth -keystore C:\jdk1.7.0_141\jre\lib\security\cacerts