我正在尝试将受信任的证书导入Java cacerts keystore,但我遇到了问题。我试图列出现有的可信证书,似乎密钥库没有密码保护。
$ keytool -list -keystore cacerts
Enter keystore password:
***************** WARNING WARNING WARNING *****************
* The integrity of the information stored in your keystore *
* has NOT been verified! In order to verify its integrity, *
* you must provide your keystore password. *
***************** WARNING WARNING WARNING *****************
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 76 entries
我尝试导入可信证书:
$ keytool -importcert -alias "JiraCert" -file /root/c9ssl.crt -keystore /etc/java-6-sun/security/cacerts
Enter keystore password:
Keystore password is too short - must be at least 6 characters
Enter keystore password:
Keystore password is too short - must be at least 6 characters
Enter keystore password:
Keystore password is too short - must be at least 6 characters
Too many failures - try later
我还尝试将密码从“none”更改为:
$ keytool -storepasswd -keystore cacerts.back
Enter keystore password:
Keystore password is too short - must be at least 6 characters
Enter keystore password:
Keystore password is too short - must be at least 6 characters
Enter keystore password:
Keystore password is too short - must be at least 6 characters
Too many failures - try later
答案 0 :(得分:197)
这意味着cacerts密钥库不受密码保护
这是一个错误的假设。如果您仔细阅读,您会发现列表是在未验证密钥库完整性的情况下提供的,因为您没有提供密码。该列表不需要密码,但您的密钥库肯定有密码,如下所示:
为了验证其完整性,您必须提供密钥库密码。
Java的默认cacerts密码是“changeit”,除非你在Mac上,它可以“改变”到某一点。显然,对于Mountain Lion(基于评论和此处的另一个答案),Mac的密码现在也是“改变”,可能是因为Oracle现在也处理Mac JVM的分发。
答案 1 :(得分:47)
密钥库的密码默认为:“changeit”。我对你在这里输入的命令起作用,用于导入证书。我希望你已经解决了你的问题。
答案 2 :(得分:3)
Mac Mountain Lion现在使用的是相同的密码。
答案 3 :(得分:0)
答案 4 :(得分:0)
如果处理 Android 的 Google 登录,调试密钥库的密码是 android,如下所示:https://developers.google.com/android/guides/client-auth