Javaのcacerts証明書ライブラリにセキュリティ証明書をインポート/削除する方法


プロジェクト開発では、SSLセキュリティ証明書のインポートが必要になることがあります。証明書をjavaのcacerts証明書ライブラリにインポートするにはどうすればよいでしょうか?
実はとても簡単で、方法は次のとおりです:
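ステップ1: https://www.xxx.com で始まるサイトにアクセスし、インポートする証明書をダウンロードします。
ページ上で右クリック >> プロパティ >> 「証明書」をクリック >>
上部の「詳細」タブに切り替え >>
右下の「ファイルにコピー」ボタンをクリックします。
証明書のエクスポートウィザードが表示されるので、指示に従って順に進めれば完了です。
例: abc.cer という名前でCドライブに保存します。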
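ステップ2: 上の手順で保存した証明書(abc.cer)をjavaのcacerts証明書ライブラリにインポートするには?
方法は次のとおりです。
jdkが C:\jdk1.5 にインストールされているとします。
スタート >> ファイル名を指定して実行 >> cmd と入力してdosコマンドラインを開く >>
cd で C:\jdk1.5\jre\lib\security ディレクトリに移動し、
次のコマンドを入力して実行します。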
    rem Import the certificate given by -file into the keystore file "cacerts"
    rem in the current directory and store it under the alias given by -alias.
    rem NOTE(review): the alias used here is "cacerts", the same word as the
    rem keystore file name; a later "keytool -delete" must name this exact alias.
    rem NOTE(review): the -file path differs from the abc.cer saved in step 1;
    rem substitute the path of the certificate you actually exported.
    keytool -import -alias cacerts -keystore cacerts -file d:\software\AKAZAM-Mail.cer -trustcacerts 
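このときコマンドラインでcacerts証明書ライブラリのパスワードの入力を求められます。
changeit と入力してください。これはjavaのcacerts証明書ライブラリのデフォルトパスワードで、
自分で変更することもできます。
続いて証明書の内容が表示され、信頼するかどうかを尋ねられます。y と答える前に、表示されたSHA256フィンガプリントが、サイト管理者から別の経路で入手した値と一致することを確認してください。
ok、これで完了です!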
所有者: CN=www.hqftest.com
発行者: CN=CA     SSL   G2, O=WoSign CA Limited, C=CN
シリアル番号: 6850e21cfb92b1733122f5b90aa81e30
有効期間の開始日: Sun Jun 12 18:33:05 CST 2016, 終了日: Tue Jun 12 18:33:05 CST 2018
証明書のフィンガプリント:
         MD5: 49:AF:BE:EB:FA:AA:B0:9D:DF:63:8F:D6:CF:85:72:58
         SHA1: 15:51:AC:A4:59:EE:F1:09:8E:84:A7:95:82:73:30:5F:37:29:9B:52
         SHA256: 8C:F3:F9:7C:CF:5F:30:6B:6D:50:CE:83:3F:1D:67:CA:80:E7:58:2E:7F:76:64:27:66:8F:57:49:52:FF:68:87
署名アルゴリズム名: SHA256withRSA
バージョン: 3

拡張:

#1: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
  [
   accessMethod: ocsp
   accessLocation: URIName: http://ocsp2.wosign.cn/ca2g2/server1/free
,
   accessMethod: caIssuers
   accessLocation: URIName: http://aia2.wosign.cn/ca2g2.server1.free.cer
]
]

#2: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 30 DA 74 86 F3 28 90 56   9E D7 31 31 C2 BD 59 CD  0.t..(.V..11..Y.
0010: 93 12 39 1D                                        ..9.
]
]

#3: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
  CA:false
  PathLen: undefined
]

#4: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
  [DistributionPoint:
     [URIName: http://crls2.wosign.cn/ca2g2-server1-free.crl]
]]

#5: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
  [CertificatePolicyId: [2.23.140.1.2.1]
[]  ]
  [CertificatePolicyId: [1.3.6.1.4.1.36305.1.1.2]
[PolicyQualifierInfo: [
  qualifierID: 1.3.6.1.5.5.7.2.1
  qualifier: 0000: 16 1D 68 74 74 70 3A 2F   2F 77 77 77 2E 77 6F 73  ..http://www.wos
0010: 69 67 6E 2E 63 6F 6D 2F   70 6F 6C 69 63 79 2F     ign.com/policy/

]]  ]
]

#6: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
  clientAuth
  serverAuth
]

#7: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
  DigitalSignature
  Key_Encipherment
]

#8: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
  DNSName: www.hqftest.com
  DNSName: hqftest.com
]

#9: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: EA 06 FF 40 DF 4D D0 3D   8F 9F 31 E6 8E 7B 37 59  ...@.M.=..1...7Y
0010: 7A 12 10 1D                                        z...
]
]

この証明書を信頼しますか? [いいえ]:  y
証明書がキーストアに追加されました


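今後証明書を更新するときは、まず元の証明書を削除してから、新しい証明書をインポートします。-delete に指定する別名は、インポート時に -alias で指定したものと同じでなければなりません(上のインポート例では別名は cacerts です)。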

rem List the entries in the keystore file "cacerts" to find the alias of the
rem certificate that is about to be replaced.
keytool -list -keystore cacerts 
rem Remove the old entry. The alias must be the one the certificate was
rem imported under; NOTE(review): the earlier import example on this page
rem used the alias "cacerts", not "akazam_email".
keytool -delete -alias akazam_email -keystore cacerts 
rem Import the new certificate file under the same alias.
keytool -import -alias akazam_email -file akazam_email.cer -keystore cacerts -trustcacerts