英文:
Can we export certificates from JRE's "cacerts" file and import it to higher JRE version?
问题
我正在使用 JRE 8u211。我在 cacerts 中添加了一些证书。但是当我将 JRE 升级到 8u261 时,这些证书没有被导入。因此现在我希望能够通过别名编程方式从 8u211 的 cacerts 文件中导出所需的证书,然后将这些证书导入到 8u261 的 cacerts 文件中。
这种操作是否可行或受支持?
提前感谢。
英文:
I am using a JRE 8u211. And i have few certificates added in cacerts. But when I upgrade JRE to 8u261, those certificates are not getting imported. So now i want to programmatically export the required certificates from cacerts file of 8u211 using the alias names and then import those certificates to the cacerts file of 8u261.
Is this even possible or supported?
Thanks in advance.
答案1
得分: 4
证书只是一种数据。您绝对可以将其导出到文件,然后将该数据导入到其他文件中。
如果您只想将一个信任存储库文件的数据导入另一个文件,您可以直接使用缓冲区,而无需将数据存储到中间文件中:
keytool.exe -importkeystore -srckeystore %JAVA_HOME%\lib\security\cacerts -destkeystore \your\file\path\filename
-deststoretype jks
-srcstorepass changeit -deststorepass changeit
-v -noprompt
但是,您也可以逐个执行这两个操作:
-
导出证书:
keytool -export -alias alias_name -keystore path_to_keystore_file -rfc -file path_to_certificate_file -
导入证书:
keytool -importcert -alias alias_name -file path_to_certificate_file -keystore truststore_file
英文:
Certificate is just a data. You definitely can export it to the file, and import that data into some other file.
If you just want to import one truststore file's data into another, you can directly make use of buffer without storing data into an intermediary file:
keytool.exe -importkeystore -srckeystore %JAVA_HOME%\lib\security\cacerts -destkeystore \your\file\path\filename
-deststoretype jks
-srcstorepass changeit -deststorepass changeit
-v -noprompt
However, you can also do these two operations one by one:
-
To export the certificate:
keytool -export -alias alias_name -keystore path_to_keystore_file -rfc -file path_to_certificate_file -
To import the certificate:
keytool -importcert -alias alias_name -file path_to_certificate_file -keystore truststore_file
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论