我正在尝试在没有运气的情况下在ahsayobs上设置SSL。第一步是删除计算机上安装的默认证书。我正在运行java 1.6版。这就是我正在做的事情:
[root@backup ~]# /data/obs_6.5/java-linux-x86/bin/keytool –delete –alias tomcat –keystore /Applications/AhsayOBS/conf/keystore
keytool error: java.lang.RuntimeException: Usage error, –delete is not a legal command
[root@backup ~]# /data/obs_6.5/java-linux-x64/bin/keytool –delete –alias tomcat –keystore /Applications/AhsayOBS/conf/keystore
keytool error: java.lang.RuntimeException: Usage error, –delete is not a legal command
[root@backup ~]# /data/obs/java-linux-x64/bin/keytool –delete –alias tomcat –keystore /Applications/AhsayOBS/conf/keystore
keytool error: java.lang.RuntimeException: Usage error, –delete is not a legal command
下一步是创建一个CSR,它还带有Usage error, –genkey is not a legal command。就像keytool甚至没有安装一样。但是我没有收到这个错误,locate keytool显示了一些不同的位置(我已经尝试过了)。每个都显示相同的错误。关于我做错了什么想法?
修改
哦,geesh ......似乎我从(keytool -delete -alias ...等)复制/粘贴命令的文章没有使用常规连字符,这就是把它扔掉的原因。这是我最后使用的内容:
### First, delete the previous keystore file
/data/obs_6.5/java-linux-x86/bin/keytool -delete -alias tomcat -keystore /data/obs/conf/keystore
### Then, create a new keystore file
/data/obs_6.5/java-linux-x86/bin/keytool -genkey -alias tomcat -keyalg RSA -keysize 2048 -keystore /data/obs/conf/keystore
### You will be asked for normal SSL info such as your name, department, company, etc.
/data/obs_6.5/java-linux-x86/bin/keytool -certreq -keyalg RSA -alias tomcat -keystore /data/obs/conf/keystore
### Save the intermediate certificate and the SSL certificate into the /data/obs/conf/ folder
### Use the below commands to import them into the keytool
/data/obs_6.5/java-linux-x86/bin/keytool -import -alias intermed -trustcacerts -file sf_intermediate.crt -keystore /data/obs/conf/keystore
/data/obs_6.5/java-linux-x86/bin/keytool -import -alias tomcat -trustcacerts -file backup.atomicx.com.crt -keystore /data/obs/conf/keystore
### Check the keytool to make sure it was successful
/data/obs_6.5/java-linux-x86/bin/keytool -list -alias tomcat -keystore /data/obs/conf/keystore
### Make sure /data/obs/conf/server.xml has the correct keystore folder path
<-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 --> <!-- <Connector port="8443" maxThreads="200"
scheme="https" secure="true" SSLEnabled="true"
keystoreFile="path to your keystore file" keystorePass="changeit" clientAuth="false" sslProtocol="TLS"/>
答案 0 :(得分:3)
我发现我复制并粘贴了命令的位置,连字符实际上不是连字符,但是它们破灭了。一旦我替换了那些,我就不再收到错误了。但是,这就是我在那时所做的一切,以防任何人需要它。
### First, delete the previous keystore file
/data/obs_6.5/java-linux-x86/bin/keytool -delete -alias tomcat -keystore /data/obs/conf/keystore
### Then, create a new keystore file
/data/obs_6.5/java-linux-x86/bin/keytool -genkey -alias tomcat -keyalg RSA -keysize 2048 -keystore /data/obs/conf/keystore
### You will be asked for normal SSL info such as your name, department, company, etc.
/data/obs_6.5/java-linux-x86/bin/keytool -certreq -keyalg RSA -alias tomcat -keystore /data/obs/conf/keystore
### Save the intermediate certificate and the SSL certificate into the /data/obs/conf/ folder
### Use the below commands to import them into the keytool
/data/obs_6.5/java-linux-x86/bin/keytool -import -alias intermed -trustcacerts -file sf_intermediate.crt -keystore /data/obs/conf/keystore
/data/obs_6.5/java-linux-x86/bin/keytool -import -alias tomcat -trustcacerts -file backup.atomicx.com.crt -keystore /data/obs/conf/keystore
### Check the keytool to make sure it was successful
/data/obs_6.5/java-linux-x86/bin/keytool -list -alias tomcat -keystore /data/obs/conf/keystore
### Make sure /data/obs/conf/server.xml has the correct keystore folder path, and that it uses the same password that you set earlier
<-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 --> <!-- <Connector port="8443" maxThreads="200"
scheme="https" secure="true" SSLEnabled="true"
keystoreFile="path to your keystore file" keystorePass="changeit" clientAuth="false" sslProtocol="TLS"/>