ssl无法将证书导入java控制面板

6 月，1 周 Questions & Answers 10605

我正在尝试将自签名证书导入java控制面板中的受信任证书。它位于“安全”选项卡下->；管理证书。无论我在密钥库上设置的密码有多简单，导入程序总是在我输入密码后告诉我密码无效。我也尝试过更改证书类型，但没有成功。。李都试过了。下面是我用来创建文件的简单步骤

keytool -genkey -keyalg RSA -keysize 2048 -keystore test_keystore.jks -alias test

然后我生成我的CSR文件，java控制面板将其作为输入

keytool -certreq -alias test -keystore test_keystore.jks -file test_certificate_request.csr

因为这只是一个测试，所以我设置的密码非常简单，所以不会出现使用错误密码或键入错误的问题。但是每次我导入测试证书请求时。我创建的csr文件，它告诉我密码无效

如果有必要，这里是当我点击“更多信息”按钮时从导入程序生成的完整strack跟踪

java.io.IOException: toDerInputStream rejects tag type 45
at sun.security.util.DerValue.toDerInputStream(Unknown Source)
at sun.security.pkcs12.PKCS12KeyStore.engineLoad(Unknown Source)
at java.security.KeyStore.load(Unknown Source)
at com.sun.deploy.panel.CertificatesDialog.importPKCS12Certificate(Unknown Source)
at com.sun.deploy.panel.CertificatesDialog.importButtonActionPerformed(Unknown Source)
at com.sun.deploy.panel.CertificatesDialog.access$200(Unknown Source)
at com.sun.deploy.panel.CertificatesDialog$4.actionPerformed(Unknown Source)
at javax.swing.AbstractButton.fireActionPerformed(Unknown Source)
at javax.swing.AbstractButton$Handler.actionPerformed(Unknown Source)
at javax.swing.DefaultButtonModel.fireActionPerformed(Unknown Source)
at javax.swing.DefaultButtonModel.setPressed(Unknown Source)
at javax.swing.plaf.basic.BasicButtonListener.mouseReleased(Unknown Source)
at java.awt.AWTEventMulticaster.mouseReleased(Unknown Source)
at java.awt.Component.processMouseEvent(Unknown Source)
at javax.swing.JComponent.processMouseEvent(Unknown Source)
at java.awt.Component.processEvent(Unknown Source)
at java.awt.Container.processEvent(Unknown Source)
at java.awt.Component.dispatchEventImpl(Unknown Source)
at java.awt.Container.dispatchEventImpl(Unknown Source)
at java.awt.Component.dispatchEvent(Unknown Source)
at java.awt.LightweightDispatcher.retargetMouseEvent(Unknown Source)
at java.awt.LightweightDispatcher.processMouseEvent(Unknown Source)
at java.awt.LightweightDispatcher.dispatchEvent(Unknown Source)
at java.awt.Container.dispatchEventImpl(Unknown Source)
at java.awt.Window.dispatchEventImpl(Unknown Source)
at java.awt.Component.dispatchEvent(Unknown Source)
at java.awt.EventQueue.dispatchEventImpl(Unknown Source)
at java.awt.EventQueue.access$200(Unknown Source)
at java.awt.EventQueue$3.run(Unknown Source)
at java.awt.EventQueue$3.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
at java.awt.EventQueue$4.run(Unknown Source)
at java.awt.EventQueue$4.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
at java.awt.EventQueue.dispatchEvent(Unknown Source)
at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
at java.awt.WaitDispatchSupport$2.run(Unknown Source)
at java.awt.WaitDispatchSupport$4.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.awt.WaitDispatchSupport.enter(Unknown Source)
at java.awt.Dialog.show(Unknown Source)
at java.awt.Component.show(Unknown Source)
at java.awt.Component.setVisible(Unknown Source)
at java.awt.Window.setVisible(Unknown Source)
at java.awt.Dialog.setVisible(Unknown Source)
at com.sun.deploy.panel.SecurityPanel.certsBtnActionPerformed(Unknown Source)
at com.sun.deploy.panel.SecurityPanel.access$300(Unknown Source)
at com.sun.deploy.panel.SecurityPanel$4.actionPerformed(Unknown Source)
at javax.swing.AbstractButton.fireActionPerformed(Unknown Source)
at javax.swing.AbstractButton$Handler.actionPerformed(Unknown Source)
at javax.swing.DefaultButtonModel.fireActionPerformed(Unknown Source)
at javax.swing.DefaultButtonModel.setPressed(Unknown Source)
at javax.swing.plaf.basic.BasicButtonListener.mouseReleased(Unknown Source)
at java.awt.AWTEventMulticaster.mouseReleased(Unknown Source)
at java.awt.Component.processMouseEvent(Unknown Source)
at javax.swing.JComponent.processMouseEvent(Unknown Source)
at java.awt.Component.processEvent(Unknown Source)
at java.awt.Container.processEvent(Unknown Source)
at java.awt.Component.dispatchEventImpl(Unknown Source)
at java.awt.Container.dispatchEventImpl(Unknown Source)
at java.awt.Component.dispatchEvent(Unknown Source)
at java.awt.LightweightDispatcher.retargetMouseEvent(Unknown Source)
at java.awt.LightweightDispatcher.processMouseEvent(Unknown Source)
at java.awt.LightweightDispatcher.dispatchEvent(Unknown Source)
at java.awt.Container.dispatchEventImpl(Unknown Source)
at java.awt.Window.dispatchEventImpl(Unknown Source)
at java.awt.Component.dispatchEvent(Unknown Source)
at java.awt.EventQueue.dispatchEventImpl(Unknown Source)
at java.awt.EventQueue.access$200(Unknown Source)
at java.awt.EventQueue$3.run(Unknown Source)
at java.awt.EventQueue$3.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
at java.awt.EventQueue$4.run(Unknown Source)
at java.awt.EventQueue$4.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
at java.awt.EventQueue.dispatchEvent(Unknown Source)
at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.run(Unknown Source)

我做错了什么

# 1 楼答案

keytool -certreq创建证书请求，也称为PKCS#10，应该提供给证书颁发机构以获得真正的证书。然后将其上传到工具，该工具需要证书

从stacktrace中的这些行

at java.security.KeyStore.load(Unknown Source)
at com.sun.deploy.panel.CertificatesDialog.importPKCS12Certificate(Unknown Source)

我可以看出，UI实际上希望密钥库采用PKCS#12格式，内部带有证书，而不仅仅是一个单独的证书

这就是使用keytool自签名证书生成密钥库的方法

keytool -genkey -keyalg RSA -alias selfsigned -keystore keystore.jks \
  -storepass password -validity 360 -keysize 2048

但是，这将以JKS格式创建密钥库，并且必须使用命令将其转换为PKCS#12格式

keytool -importkeystore -srckeystore keystore.jks -srcstoretype JKS \
  -deststoretype  PKCS12 -destkeystore keystore.p12

或者，也可以用PKCS#12格式创建密钥库，并指定-storetype

keytool -genkey -keyalg RSA -alias selfsigned -keystore keystore.p12 \
  -storetype pkcs12 -storepass password -validity 360 -keysize 2048

请注意，密钥库包含自签名证书和相应的私钥

共 (1) 个答案

# 1 楼答案
keytool -certreq创建证书请求，也称为PKCS#10，应该提供给证书颁发机构以获得真正的证书。然后将其上传到工具，该工具需要证书

从stacktrace中的这些行
```
at java.security.KeyStore.load(Unknown Source)
at com.sun.deploy.panel.CertificatesDialog.importPKCS12Certificate(Unknown Source)
```
我可以看出，UI实际上希望密钥库采用PKCS#12格式，内部带有证书，而不仅仅是一个单独的证书

这就是使用keytool自签名证书生成密钥库的方法
```
keytool -genkey -keyalg RSA -alias selfsigned -keystore keystore.jks \
  -storepass password -validity 360 -keysize 2048
```
但是，这将以JKS格式创建密钥库，并且必须使用命令将其转换为PKCS#12格式
```
keytool -importkeystore -srckeystore keystore.jks -srcstoretype JKS \
  -deststoretype  PKCS12 -destkeystore keystore.p12
```
或者，也可以用PKCS#12格式创建密钥库，并指定-storetype
```
keytool -genkey -keyalg RSA -alias selfsigned -keystore keystore.p12 \
  -storetype pkcs12 -storepass password -validity 360 -keysize 2048
```
请注意，密钥库包含自签名证书和相应的私钥

Python中文网

有 Java 编程相关的问题?

ssl无法将证书导入java控制面板

共 (1) 个答案

# 1 楼答案