I'm trying to import a CA-signed certificate into my Java cacerts.
Now I've got these files:
- signing request.csr
- ca-signed certificate.crt
- ca-signed ceertificate.key
- ca.cer
- ca root.cer
According to the test API document,I need to import my ca-signed certificate.crt into my JDK1.8 cacerts before running my java code. I tried to import the certificate to my java cacerts like this:
keytool -import -trustcacerts -file D:\JavaWebTest\keytool_test\ca-signed certificate.crt -alias myalias -keystore cacerts
But using keytool -list
command, it shows a trustedCertEntry type. While my help document says "check the keystore to confirm your certificate(s) were added. The output should contain an entry type:PrivateKeyEntry and a entry type :trustedCertEntry for each issued certificate."
Then I tried to import all files (except .csr) into a jks keystore and the output contains an entry type:PrivateKeyEntry. But when I run the keytool command to import it into my java cacerts, there is an error saying that this file is not an X.509 certificate. I don't know how to resolve this problem.
By the way, when I use curl with ca-signed certificate.crt and ca-signed certificate.key to access the test https API, it successed.
Thanks. This problem has bothered me about two weeks...