信任 Example.com's Root CA 证书
由 Qiongpan Ke 于 2023-07-08 最后修改
复制
导出
注解
打印预览
源代码
子项
附件
历史记录
信息
Debian / Ubuntu
在 Debian / Ubuntu 系统上可执行如下命令:
# 将 example.com 的根证书复制到证书目录
sudo wget -O /usr/local/share/ca-certificates/example_com_root_ca.crt http://ca.example.com/ca.crt
# 或者
sudo curl -fsSLo /usr/local/share/ca-certificates/example_com_root_ca.crt http://ca.example.com/ca.crt
# 将根据证更新到系统根证书信息区
sudo update-ca-certificates
sudo wget -O /usr/local/share/ca-certificates/example_com_root_ca.crt http://ca.example.com/ca.crt
# 或者
sudo curl -fsSLo /usr/local/share/ca-certificates/example_com_root_ca.crt http://ca.example.com/ca.crt
# 将根据证更新到系统根证书信息区
sudo update-ca-certificates
或者
# 将 example.com 的根证书复制到证书目录
sudo tee /usr/local/share/ca-certificates/example_com_root_ca.crt <<EOF
-----BEGIN CERTIFICATE-----
MIIGGzCCBAOgAwIBAgIUEzPBy0oFI5vEmpVo/IieQBJo5K8wDQYJKoZIhvcNAQEL
BQAwgZsxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRQwEgYDVQQH
DAtMb3MgQW5nZWxlczEUMBIGA1UECgwLZXhhbXBsZS5jb20xDTALBgNVBAsMBElB
TkExHjAcBgNVBAMMFUV4YW1wbGUuY29tJ3MgUm9vdCBDQTEcMBoGCSqGSIb3DQEJ
ARYNaWFuYUBpYW5hLm9yZzAgFw0yMzA3MDYyMTE0NDFaGA8yMTIzMDYxMjIxMTQ0
MVowgZsxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRQwEgYDVQQH
DAtMb3MgQW5nZWxlczEUMBIGA1UECgwLZXhhbXBsZS5jb20xDTALBgNVBAsMBElB
TkExHjAcBgNVBAMMFUV4YW1wbGUuY29tJ3MgUm9vdCBDQTEcMBoGCSqGSIb3DQEJ
ARYNaWFuYUBpYW5hLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
AKrZx23sunlnyWlBtBIw6wWDssw4qXbGQLNhKEAA54EY+4HsfrtMA5W0FhtH6zlm
UGD60asltJIjNoWGbN+b7dH7Wks/ebdmLk5H0MgWGivX2yrbgFV6iF/5RZGHKTsq
5puQ0MZYuTUUEC9bQsZ7LlRtU32XuH77SAhJL+NnMbj7kg9jiEuzpDrFDwloqb+W
jGS3gl6ILUsIr3CS7ORrCrs2KW4TVQ1hp7zhC2iRXlJxtKaw0p2mIY6xSXBArDLs
lxQ1ohtD5pzL+g6ZCdqRKpab/K1p+UZwHiN0B+wXuQncVfPAGw6/fMlrELl5iSOY
JmM1FAndNW6EqNtQffetE/Sij3p51+Fihj69+2jRxbK8AIAbeunF+HXVauTiKTjx
f0L2Tt1E3wTsKOZAcO6FbTOajS/6FdIhiImGRQi7/R43atUHsDgS31ACUFPqzHbg
ViK46IAnI4XqXVfkRCLthl4Iim7SVeoG8rWEJt65VSYdFViEX0EAYEM7VuIs4DHP
VPLdRAzIYklK8+GOx1aLzdqeuNfvHmNQR8VZk3F20LzDk/77OT0MuwNsL0wLeu8y
yBjCya0QpItfpCOrgC9m+6FBErwVLRU9G7ec+SLMphEGi0P5IwXHyKZ5EsMQf55y
76qZZ3785wYNOAws8jdFGlvhy3qHJ0bHRLEBx1GPTwhnAgMBAAGjUzBRMB0GA1Ud
DgQWBBRGjjeRpFbVY8glQ6Do4RZmPPAi5jAfBgNVHSMEGDAWgBRGjjeRpFbVY8gl
Q6Do4RZmPPAi5jAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQCX
50U/t1k058Yi/LpMgmAOjHOyyTG/6q3McHnrOzG7qnP4EujYN4rTsndCA0c/I4yC
dGn4rUUIYM/DkGefVR+1eqpzEtZzl2VyRXRj4yNfR8m4SOLSWMf4rw5566uCehf3
O2Jggnr5MiP4Px0kgJJHgKcv79LrC38W2tF9Dmq+KHzShUiD9tiHNT1yfDbqPjEE
ga46l1bJlda2jxY++5Q17tx6xoXvZwsxvMPg2C/Sk5MNsWHEkgrB9BPfi7Rw4HR8
xVbMgh3bAgwrymGvOlGxvqkMuEQibWmXggHJD9iQj6od9Myocg8DjdfjMiIbYJmE
JbMQeqiZXMfE9UqURzchuzny//H4wlmSRFjk1S7f1BMvWJ6H1U+SqL3eEcGXlwsI
BLKdg3cZb+5qwuNZktQ6wfBGBhRF6OveRyZK41SqEso0Y9Krqz+0yIS5R9Sx58WD
Nw+XGEIpptvfl9oCjgHxQxrFpUG0TqAVrgjXB+bLbEOmnA+cD/j/B+MVXs+SBPmc
zJ3D/2LyMa77KhBBcNd0HNBeCF4S6IIqjnhRYebndt43Kon8b6KRE0fuvFJ/LuWw
wZlNUkd9GXTeuWuOTnrBgOeQCtX85y3913aDZgrTogjFM4ePke/PcAZMwJC1n4QA
7gLABtr/FlnYDc37jW9BdCkCgU5lhh5kI8UHhO7x3Q==
-----END CERTIFICATE-----
EOF
# 将根据证更新到系统根证书信息区
sudo update-ca-certificates
sudo tee /usr/local/share/ca-certificates/example_com_root_ca.crt <<EOF
-----BEGIN CERTIFICATE-----
MIIGGzCCBAOgAwIBAgIUEzPBy0oFI5vEmpVo/IieQBJo5K8wDQYJKoZIhvcNAQEL
BQAwgZsxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRQwEgYDVQQH
DAtMb3MgQW5nZWxlczEUMBIGA1UECgwLZXhhbXBsZS5jb20xDTALBgNVBAsMBElB
TkExHjAcBgNVBAMMFUV4YW1wbGUuY29tJ3MgUm9vdCBDQTEcMBoGCSqGSIb3DQEJ
ARYNaWFuYUBpYW5hLm9yZzAgFw0yMzA3MDYyMTE0NDFaGA8yMTIzMDYxMjIxMTQ0
MVowgZsxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRQwEgYDVQQH
DAtMb3MgQW5nZWxlczEUMBIGA1UECgwLZXhhbXBsZS5jb20xDTALBgNVBAsMBElB
TkExHjAcBgNVBAMMFUV4YW1wbGUuY29tJ3MgUm9vdCBDQTEcMBoGCSqGSIb3DQEJ
ARYNaWFuYUBpYW5hLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
AKrZx23sunlnyWlBtBIw6wWDssw4qXbGQLNhKEAA54EY+4HsfrtMA5W0FhtH6zlm
UGD60asltJIjNoWGbN+b7dH7Wks/ebdmLk5H0MgWGivX2yrbgFV6iF/5RZGHKTsq
5puQ0MZYuTUUEC9bQsZ7LlRtU32XuH77SAhJL+NnMbj7kg9jiEuzpDrFDwloqb+W
jGS3gl6ILUsIr3CS7ORrCrs2KW4TVQ1hp7zhC2iRXlJxtKaw0p2mIY6xSXBArDLs
lxQ1ohtD5pzL+g6ZCdqRKpab/K1p+UZwHiN0B+wXuQncVfPAGw6/fMlrELl5iSOY
JmM1FAndNW6EqNtQffetE/Sij3p51+Fihj69+2jRxbK8AIAbeunF+HXVauTiKTjx
f0L2Tt1E3wTsKOZAcO6FbTOajS/6FdIhiImGRQi7/R43atUHsDgS31ACUFPqzHbg
ViK46IAnI4XqXVfkRCLthl4Iim7SVeoG8rWEJt65VSYdFViEX0EAYEM7VuIs4DHP
VPLdRAzIYklK8+GOx1aLzdqeuNfvHmNQR8VZk3F20LzDk/77OT0MuwNsL0wLeu8y
yBjCya0QpItfpCOrgC9m+6FBErwVLRU9G7ec+SLMphEGi0P5IwXHyKZ5EsMQf55y
76qZZ3785wYNOAws8jdFGlvhy3qHJ0bHRLEBx1GPTwhnAgMBAAGjUzBRMB0GA1Ud
DgQWBBRGjjeRpFbVY8glQ6Do4RZmPPAi5jAfBgNVHSMEGDAWgBRGjjeRpFbVY8gl
Q6Do4RZmPPAi5jAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQCX
50U/t1k058Yi/LpMgmAOjHOyyTG/6q3McHnrOzG7qnP4EujYN4rTsndCA0c/I4yC
dGn4rUUIYM/DkGefVR+1eqpzEtZzl2VyRXRj4yNfR8m4SOLSWMf4rw5566uCehf3
O2Jggnr5MiP4Px0kgJJHgKcv79LrC38W2tF9Dmq+KHzShUiD9tiHNT1yfDbqPjEE
ga46l1bJlda2jxY++5Q17tx6xoXvZwsxvMPg2C/Sk5MNsWHEkgrB9BPfi7Rw4HR8
xVbMgh3bAgwrymGvOlGxvqkMuEQibWmXggHJD9iQj6od9Myocg8DjdfjMiIbYJmE
JbMQeqiZXMfE9UqURzchuzny//H4wlmSRFjk1S7f1BMvWJ6H1U+SqL3eEcGXlwsI
BLKdg3cZb+5qwuNZktQ6wfBGBhRF6OveRyZK41SqEso0Y9Krqz+0yIS5R9Sx58WD
Nw+XGEIpptvfl9oCjgHxQxrFpUG0TqAVrgjXB+bLbEOmnA+cD/j/B+MVXs+SBPmc
zJ3D/2LyMa77KhBBcNd0HNBeCF4S6IIqjnhRYebndt43Kon8b6KRE0fuvFJ/LuWw
wZlNUkd9GXTeuWuOTnrBgOeQCtX85y3913aDZgrTogjFM4ePke/PcAZMwJC1n4QA
7gLABtr/FlnYDc37jW9BdCkCgU5lhh5kI8UHhO7x3Q==
-----END CERTIFICATE-----
EOF
# 将根据证更新到系统根证书信息区
sudo update-ca-certificates
CentOS / PhotonOS
在 CentOS / PhotonOS 系统上可执行如下命令:
# 将 example.com 的根证书复制到证书目录
sudo wget -O /etc/pki/ca-trust/source/anchors/example_com_root_ca.crt http://ca.example.com/ca.crt
# 或者
sudo curl -fsSLo /etc/pki/ca-trust/source/anchors/example_com_root_ca.crt http://ca.example.com/ca.crt
# 将根据证更新到系统根证书信息区
sudo update-ca-trust
sudo wget -O /etc/pki/ca-trust/source/anchors/example_com_root_ca.crt http://ca.example.com/ca.crt
# 或者
sudo curl -fsSLo /etc/pki/ca-trust/source/anchors/example_com_root_ca.crt http://ca.example.com/ca.crt
# 将根据证更新到系统根证书信息区
sudo update-ca-trust
或者
# 将 example.com 的根证书复制到证书目录
sudo tee /etc/pki/ca-trust/source/anchors/example_com_root_ca.crt <<EOF
-----BEGIN CERTIFICATE-----
MIIGGzCCBAOgAwIBAgIUEzPBy0oFI5vEmpVo/IieQBJo5K8wDQYJKoZIhvcNAQEL
BQAwgZsxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRQwEgYDVQQH
DAtMb3MgQW5nZWxlczEUMBIGA1UECgwLZXhhbXBsZS5jb20xDTALBgNVBAsMBElB
TkExHjAcBgNVBAMMFUV4YW1wbGUuY29tJ3MgUm9vdCBDQTEcMBoGCSqGSIb3DQEJ
ARYNaWFuYUBpYW5hLm9yZzAgFw0yMzA3MDYyMTE0NDFaGA8yMTIzMDYxMjIxMTQ0
MVowgZsxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRQwEgYDVQQH
DAtMb3MgQW5nZWxlczEUMBIGA1UECgwLZXhhbXBsZS5jb20xDTALBgNVBAsMBElB
TkExHjAcBgNVBAMMFUV4YW1wbGUuY29tJ3MgUm9vdCBDQTEcMBoGCSqGSIb3DQEJ
ARYNaWFuYUBpYW5hLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
AKrZx23sunlnyWlBtBIw6wWDssw4qXbGQLNhKEAA54EY+4HsfrtMA5W0FhtH6zlm
UGD60asltJIjNoWGbN+b7dH7Wks/ebdmLk5H0MgWGivX2yrbgFV6iF/5RZGHKTsq
5puQ0MZYuTUUEC9bQsZ7LlRtU32XuH77SAhJL+NnMbj7kg9jiEuzpDrFDwloqb+W
jGS3gl6ILUsIr3CS7ORrCrs2KW4TVQ1hp7zhC2iRXlJxtKaw0p2mIY6xSXBArDLs
lxQ1ohtD5pzL+g6ZCdqRKpab/K1p+UZwHiN0B+wXuQncVfPAGw6/fMlrELl5iSOY
JmM1FAndNW6EqNtQffetE/Sij3p51+Fihj69+2jRxbK8AIAbeunF+HXVauTiKTjx
f0L2Tt1E3wTsKOZAcO6FbTOajS/6FdIhiImGRQi7/R43atUHsDgS31ACUFPqzHbg
ViK46IAnI4XqXVfkRCLthl4Iim7SVeoG8rWEJt65VSYdFViEX0EAYEM7VuIs4DHP
VPLdRAzIYklK8+GOx1aLzdqeuNfvHmNQR8VZk3F20LzDk/77OT0MuwNsL0wLeu8y
yBjCya0QpItfpCOrgC9m+6FBErwVLRU9G7ec+SLMphEGi0P5IwXHyKZ5EsMQf55y
76qZZ3785wYNOAws8jdFGlvhy3qHJ0bHRLEBx1GPTwhnAgMBAAGjUzBRMB0GA1Ud
DgQWBBRGjjeRpFbVY8glQ6Do4RZmPPAi5jAfBgNVHSMEGDAWgBRGjjeRpFbVY8gl
Q6Do4RZmPPAi5jAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQCX
50U/t1k058Yi/LpMgmAOjHOyyTG/6q3McHnrOzG7qnP4EujYN4rTsndCA0c/I4yC
dGn4rUUIYM/DkGefVR+1eqpzEtZzl2VyRXRj4yNfR8m4SOLSWMf4rw5566uCehf3
O2Jggnr5MiP4Px0kgJJHgKcv79LrC38W2tF9Dmq+KHzShUiD9tiHNT1yfDbqPjEE
ga46l1bJlda2jxY++5Q17tx6xoXvZwsxvMPg2C/Sk5MNsWHEkgrB9BPfi7Rw4HR8
xVbMgh3bAgwrymGvOlGxvqkMuEQibWmXggHJD9iQj6od9Myocg8DjdfjMiIbYJmE
JbMQeqiZXMfE9UqURzchuzny//H4wlmSRFjk1S7f1BMvWJ6H1U+SqL3eEcGXlwsI
BLKdg3cZb+5qwuNZktQ6wfBGBhRF6OveRyZK41SqEso0Y9Krqz+0yIS5R9Sx58WD
Nw+XGEIpptvfl9oCjgHxQxrFpUG0TqAVrgjXB+bLbEOmnA+cD/j/B+MVXs+SBPmc
zJ3D/2LyMa77KhBBcNd0HNBeCF4S6IIqjnhRYebndt43Kon8b6KRE0fuvFJ/LuWw
wZlNUkd9GXTeuWuOTnrBgOeQCtX85y3913aDZgrTogjFM4ePke/PcAZMwJC1n4QA
7gLABtr/FlnYDc37jW9BdCkCgU5lhh5kI8UHhO7x3Q==
-----END CERTIFICATE-----
EOF
# 将根据证更新到系统根证书信息区
sudo update-ca-trust
sudo tee /etc/pki/ca-trust/source/anchors/example_com_root_ca.crt <<EOF
-----BEGIN CERTIFICATE-----
MIIGGzCCBAOgAwIBAgIUEzPBy0oFI5vEmpVo/IieQBJo5K8wDQYJKoZIhvcNAQEL
BQAwgZsxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRQwEgYDVQQH
DAtMb3MgQW5nZWxlczEUMBIGA1UECgwLZXhhbXBsZS5jb20xDTALBgNVBAsMBElB
TkExHjAcBgNVBAMMFUV4YW1wbGUuY29tJ3MgUm9vdCBDQTEcMBoGCSqGSIb3DQEJ
ARYNaWFuYUBpYW5hLm9yZzAgFw0yMzA3MDYyMTE0NDFaGA8yMTIzMDYxMjIxMTQ0
MVowgZsxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRQwEgYDVQQH
DAtMb3MgQW5nZWxlczEUMBIGA1UECgwLZXhhbXBsZS5jb20xDTALBgNVBAsMBElB
TkExHjAcBgNVBAMMFUV4YW1wbGUuY29tJ3MgUm9vdCBDQTEcMBoGCSqGSIb3DQEJ
ARYNaWFuYUBpYW5hLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
AKrZx23sunlnyWlBtBIw6wWDssw4qXbGQLNhKEAA54EY+4HsfrtMA5W0FhtH6zlm
UGD60asltJIjNoWGbN+b7dH7Wks/ebdmLk5H0MgWGivX2yrbgFV6iF/5RZGHKTsq
5puQ0MZYuTUUEC9bQsZ7LlRtU32XuH77SAhJL+NnMbj7kg9jiEuzpDrFDwloqb+W
jGS3gl6ILUsIr3CS7ORrCrs2KW4TVQ1hp7zhC2iRXlJxtKaw0p2mIY6xSXBArDLs
lxQ1ohtD5pzL+g6ZCdqRKpab/K1p+UZwHiN0B+wXuQncVfPAGw6/fMlrELl5iSOY
JmM1FAndNW6EqNtQffetE/Sij3p51+Fihj69+2jRxbK8AIAbeunF+HXVauTiKTjx
f0L2Tt1E3wTsKOZAcO6FbTOajS/6FdIhiImGRQi7/R43atUHsDgS31ACUFPqzHbg
ViK46IAnI4XqXVfkRCLthl4Iim7SVeoG8rWEJt65VSYdFViEX0EAYEM7VuIs4DHP
VPLdRAzIYklK8+GOx1aLzdqeuNfvHmNQR8VZk3F20LzDk/77OT0MuwNsL0wLeu8y
yBjCya0QpItfpCOrgC9m+6FBErwVLRU9G7ec+SLMphEGi0P5IwXHyKZ5EsMQf55y
76qZZ3785wYNOAws8jdFGlvhy3qHJ0bHRLEBx1GPTwhnAgMBAAGjUzBRMB0GA1Ud
DgQWBBRGjjeRpFbVY8glQ6Do4RZmPPAi5jAfBgNVHSMEGDAWgBRGjjeRpFbVY8gl
Q6Do4RZmPPAi5jAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQCX
50U/t1k058Yi/LpMgmAOjHOyyTG/6q3McHnrOzG7qnP4EujYN4rTsndCA0c/I4yC
dGn4rUUIYM/DkGefVR+1eqpzEtZzl2VyRXRj4yNfR8m4SOLSWMf4rw5566uCehf3
O2Jggnr5MiP4Px0kgJJHgKcv79LrC38W2tF9Dmq+KHzShUiD9tiHNT1yfDbqPjEE
ga46l1bJlda2jxY++5Q17tx6xoXvZwsxvMPg2C/Sk5MNsWHEkgrB9BPfi7Rw4HR8
xVbMgh3bAgwrymGvOlGxvqkMuEQibWmXggHJD9iQj6od9Myocg8DjdfjMiIbYJmE
JbMQeqiZXMfE9UqURzchuzny//H4wlmSRFjk1S7f1BMvWJ6H1U+SqL3eEcGXlwsI
BLKdg3cZb+5qwuNZktQ6wfBGBhRF6OveRyZK41SqEso0Y9Krqz+0yIS5R9Sx58WD
Nw+XGEIpptvfl9oCjgHxQxrFpUG0TqAVrgjXB+bLbEOmnA+cD/j/B+MVXs+SBPmc
zJ3D/2LyMa77KhBBcNd0HNBeCF4S6IIqjnhRYebndt43Kon8b6KRE0fuvFJ/LuWw
wZlNUkd9GXTeuWuOTnrBgOeQCtX85y3913aDZgrTogjFM4ePke/PcAZMwJC1n4QA
7gLABtr/FlnYDc37jW9BdCkCgU5lhh5kI8UHhO7x3Q==
-----END CERTIFICATE-----
EOF
# 将根据证更新到系统根证书信息区
sudo update-ca-trust
Java Runtime Envrionment (JRE)
对于 Java 运行环境,其使用 JRE 自身携带 cacerts 文件作为 CA 认证列表,可通过 JRE 自带的 keytool 工具导入 Example.com's Root CA 证书:
# 将 example.com 的根证书导入到 JRE 的 CA 认证列表
keytool -importcert -cacerts -storepass changeit -alias "Example.com's Root CA" -file <(cat <<EOF
-----BEGIN CERTIFICATE-----
MIIGGzCCBAOgAwIBAgIUEzPBy0oFI5vEmpVo/IieQBJo5K8wDQYJKoZIhvcNAQEL
BQAwgZsxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRQwEgYDVQQH
DAtMb3MgQW5nZWxlczEUMBIGA1UECgwLZXhhbXBsZS5jb20xDTALBgNVBAsMBElB
TkExHjAcBgNVBAMMFUV4YW1wbGUuY29tJ3MgUm9vdCBDQTEcMBoGCSqGSIb3DQEJ
ARYNaWFuYUBpYW5hLm9yZzAgFw0yMzA3MDYyMTE0NDFaGA8yMTIzMDYxMjIxMTQ0
MVowgZsxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRQwEgYDVQQH
DAtMb3MgQW5nZWxlczEUMBIGA1UECgwLZXhhbXBsZS5jb20xDTALBgNVBAsMBElB
TkExHjAcBgNVBAMMFUV4YW1wbGUuY29tJ3MgUm9vdCBDQTEcMBoGCSqGSIb3DQEJ
ARYNaWFuYUBpYW5hLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
AKrZx23sunlnyWlBtBIw6wWDssw4qXbGQLNhKEAA54EY+4HsfrtMA5W0FhtH6zlm
UGD60asltJIjNoWGbN+b7dH7Wks/ebdmLk5H0MgWGivX2yrbgFV6iF/5RZGHKTsq
5puQ0MZYuTUUEC9bQsZ7LlRtU32XuH77SAhJL+NnMbj7kg9jiEuzpDrFDwloqb+W
jGS3gl6ILUsIr3CS7ORrCrs2KW4TVQ1hp7zhC2iRXlJxtKaw0p2mIY6xSXBArDLs
lxQ1ohtD5pzL+g6ZCdqRKpab/K1p+UZwHiN0B+wXuQncVfPAGw6/fMlrELl5iSOY
JmM1FAndNW6EqNtQffetE/Sij3p51+Fihj69+2jRxbK8AIAbeunF+HXVauTiKTjx
f0L2Tt1E3wTsKOZAcO6FbTOajS/6FdIhiImGRQi7/R43atUHsDgS31ACUFPqzHbg
ViK46IAnI4XqXVfkRCLthl4Iim7SVeoG8rWEJt65VSYdFViEX0EAYEM7VuIs4DHP
VPLdRAzIYklK8+GOx1aLzdqeuNfvHmNQR8VZk3F20LzDk/77OT0MuwNsL0wLeu8y
yBjCya0QpItfpCOrgC9m+6FBErwVLRU9G7ec+SLMphEGi0P5IwXHyKZ5EsMQf55y
76qZZ3785wYNOAws8jdFGlvhy3qHJ0bHRLEBx1GPTwhnAgMBAAGjUzBRMB0GA1Ud
DgQWBBRGjjeRpFbVY8glQ6Do4RZmPPAi5jAfBgNVHSMEGDAWgBRGjjeRpFbVY8gl
Q6Do4RZmPPAi5jAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQCX
50U/t1k058Yi/LpMgmAOjHOyyTG/6q3McHnrOzG7qnP4EujYN4rTsndCA0c/I4yC
dGn4rUUIYM/DkGefVR+1eqpzEtZzl2VyRXRj4yNfR8m4SOLSWMf4rw5566uCehf3
O2Jggnr5MiP4Px0kgJJHgKcv79LrC38W2tF9Dmq+KHzShUiD9tiHNT1yfDbqPjEE
ga46l1bJlda2jxY++5Q17tx6xoXvZwsxvMPg2C/Sk5MNsWHEkgrB9BPfi7Rw4HR8
xVbMgh3bAgwrymGvOlGxvqkMuEQibWmXggHJD9iQj6od9Myocg8DjdfjMiIbYJmE
JbMQeqiZXMfE9UqURzchuzny//H4wlmSRFjk1S7f1BMvWJ6H1U+SqL3eEcGXlwsI
BLKdg3cZb+5qwuNZktQ6wfBGBhRF6OveRyZK41SqEso0Y9Krqz+0yIS5R9Sx58WD
Nw+XGEIpptvfl9oCjgHxQxrFpUG0TqAVrgjXB+bLbEOmnA+cD/j/B+MVXs+SBPmc
zJ3D/2LyMa77KhBBcNd0HNBeCF4S6IIqjnhRYebndt43Kon8b6KRE0fuvFJ/LuWw
wZlNUkd9GXTeuWuOTnrBgOeQCtX85y3913aDZgrTogjFM4ePke/PcAZMwJC1n4QA
7gLABtr/FlnYDc37jW9BdCkCgU5lhh5kI8UHhO7x3Q==
-----END CERTIFICATE-----
EOF
)
# 查看 cacerts 文件的证书列表
keytool -list -cacerts -storepass changeit | grep -i example
keytool -importcert -cacerts -storepass changeit -alias "Example.com's Root CA" -file <(cat <<EOF
-----BEGIN CERTIFICATE-----
MIIGGzCCBAOgAwIBAgIUEzPBy0oFI5vEmpVo/IieQBJo5K8wDQYJKoZIhvcNAQEL
BQAwgZsxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRQwEgYDVQQH
DAtMb3MgQW5nZWxlczEUMBIGA1UECgwLZXhhbXBsZS5jb20xDTALBgNVBAsMBElB
TkExHjAcBgNVBAMMFUV4YW1wbGUuY29tJ3MgUm9vdCBDQTEcMBoGCSqGSIb3DQEJ
ARYNaWFuYUBpYW5hLm9yZzAgFw0yMzA3MDYyMTE0NDFaGA8yMTIzMDYxMjIxMTQ0
MVowgZsxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRQwEgYDVQQH
DAtMb3MgQW5nZWxlczEUMBIGA1UECgwLZXhhbXBsZS5jb20xDTALBgNVBAsMBElB
TkExHjAcBgNVBAMMFUV4YW1wbGUuY29tJ3MgUm9vdCBDQTEcMBoGCSqGSIb3DQEJ
ARYNaWFuYUBpYW5hLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
AKrZx23sunlnyWlBtBIw6wWDssw4qXbGQLNhKEAA54EY+4HsfrtMA5W0FhtH6zlm
UGD60asltJIjNoWGbN+b7dH7Wks/ebdmLk5H0MgWGivX2yrbgFV6iF/5RZGHKTsq
5puQ0MZYuTUUEC9bQsZ7LlRtU32XuH77SAhJL+NnMbj7kg9jiEuzpDrFDwloqb+W
jGS3gl6ILUsIr3CS7ORrCrs2KW4TVQ1hp7zhC2iRXlJxtKaw0p2mIY6xSXBArDLs
lxQ1ohtD5pzL+g6ZCdqRKpab/K1p+UZwHiN0B+wXuQncVfPAGw6/fMlrELl5iSOY
JmM1FAndNW6EqNtQffetE/Sij3p51+Fihj69+2jRxbK8AIAbeunF+HXVauTiKTjx
f0L2Tt1E3wTsKOZAcO6FbTOajS/6FdIhiImGRQi7/R43atUHsDgS31ACUFPqzHbg
ViK46IAnI4XqXVfkRCLthl4Iim7SVeoG8rWEJt65VSYdFViEX0EAYEM7VuIs4DHP
VPLdRAzIYklK8+GOx1aLzdqeuNfvHmNQR8VZk3F20LzDk/77OT0MuwNsL0wLeu8y
yBjCya0QpItfpCOrgC9m+6FBErwVLRU9G7ec+SLMphEGi0P5IwXHyKZ5EsMQf55y
76qZZ3785wYNOAws8jdFGlvhy3qHJ0bHRLEBx1GPTwhnAgMBAAGjUzBRMB0GA1Ud
DgQWBBRGjjeRpFbVY8glQ6Do4RZmPPAi5jAfBgNVHSMEGDAWgBRGjjeRpFbVY8gl
Q6Do4RZmPPAi5jAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQCX
50U/t1k058Yi/LpMgmAOjHOyyTG/6q3McHnrOzG7qnP4EujYN4rTsndCA0c/I4yC
dGn4rUUIYM/DkGefVR+1eqpzEtZzl2VyRXRj4yNfR8m4SOLSWMf4rw5566uCehf3
O2Jggnr5MiP4Px0kgJJHgKcv79LrC38W2tF9Dmq+KHzShUiD9tiHNT1yfDbqPjEE
ga46l1bJlda2jxY++5Q17tx6xoXvZwsxvMPg2C/Sk5MNsWHEkgrB9BPfi7Rw4HR8
xVbMgh3bAgwrymGvOlGxvqkMuEQibWmXggHJD9iQj6od9Myocg8DjdfjMiIbYJmE
JbMQeqiZXMfE9UqURzchuzny//H4wlmSRFjk1S7f1BMvWJ6H1U+SqL3eEcGXlwsI
BLKdg3cZb+5qwuNZktQ6wfBGBhRF6OveRyZK41SqEso0Y9Krqz+0yIS5R9Sx58WD
Nw+XGEIpptvfl9oCjgHxQxrFpUG0TqAVrgjXB+bLbEOmnA+cD/j/B+MVXs+SBPmc
zJ3D/2LyMa77KhBBcNd0HNBeCF4S6IIqjnhRYebndt43Kon8b6KRE0fuvFJ/LuWw
wZlNUkd9GXTeuWuOTnrBgOeQCtX85y3913aDZgrTogjFM4ePke/PcAZMwJC1n4QA
7gLABtr/FlnYDc37jW9BdCkCgU5lhh5kI8UHhO7x3Q==
-----END CERTIFICATE-----
EOF
)
# 查看 cacerts 文件的证书列表
keytool -list -cacerts -storepass changeit | grep -i example
有些 windows 下的 keytool 工具不支持 -cacerts 参数,可以使用如下命令代替:
# 查看系统中所有 cacerts 文件列表
find / -name cacerts 2>/dev/null
# 定义后面导入时操作的 cacerts 文件路径
CACERTS_PATH=/usr/local/openjdk-11/lib/security/cacerts
# 将 example.com 的根证书导入到 JRE 的 CA 认证列表
keytool -importcert -keystore "${CACERTS_PATH}" -storepass changeit -alias "Example.com's Root CA" -file <(cat <<EOF
-----BEGIN CERTIFICATE-----
MIIGGzCCBAOgAwIBAgIUEzPBy0oFI5vEmpVo/IieQBJo5K8wDQYJKoZIhvcNAQEL
BQAwgZsxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRQwEgYDVQQH
DAtMb3MgQW5nZWxlczEUMBIGA1UECgwLZXhhbXBsZS5jb20xDTALBgNVBAsMBElB
TkExHjAcBgNVBAMMFUV4YW1wbGUuY29tJ3MgUm9vdCBDQTEcMBoGCSqGSIb3DQEJ
ARYNaWFuYUBpYW5hLm9yZzAgFw0yMzA3MDYyMTE0NDFaGA8yMTIzMDYxMjIxMTQ0
MVowgZsxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRQwEgYDVQQH
DAtMb3MgQW5nZWxlczEUMBIGA1UECgwLZXhhbXBsZS5jb20xDTALBgNVBAsMBElB
TkExHjAcBgNVBAMMFUV4YW1wbGUuY29tJ3MgUm9vdCBDQTEcMBoGCSqGSIb3DQEJ
ARYNaWFuYUBpYW5hLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
AKrZx23sunlnyWlBtBIw6wWDssw4qXbGQLNhKEAA54EY+4HsfrtMA5W0FhtH6zlm
UGD60asltJIjNoWGbN+b7dH7Wks/ebdmLk5H0MgWGivX2yrbgFV6iF/5RZGHKTsq
5puQ0MZYuTUUEC9bQsZ7LlRtU32XuH77SAhJL+NnMbj7kg9jiEuzpDrFDwloqb+W
jGS3gl6ILUsIr3CS7ORrCrs2KW4TVQ1hp7zhC2iRXlJxtKaw0p2mIY6xSXBArDLs
lxQ1ohtD5pzL+g6ZCdqRKpab/K1p+UZwHiN0B+wXuQncVfPAGw6/fMlrELl5iSOY
JmM1FAndNW6EqNtQffetE/Sij3p51+Fihj69+2jRxbK8AIAbeunF+HXVauTiKTjx
f0L2Tt1E3wTsKOZAcO6FbTOajS/6FdIhiImGRQi7/R43atUHsDgS31ACUFPqzHbg
ViK46IAnI4XqXVfkRCLthl4Iim7SVeoG8rWEJt65VSYdFViEX0EAYEM7VuIs4DHP
VPLdRAzIYklK8+GOx1aLzdqeuNfvHmNQR8VZk3F20LzDk/77OT0MuwNsL0wLeu8y
yBjCya0QpItfpCOrgC9m+6FBErwVLRU9G7ec+SLMphEGi0P5IwXHyKZ5EsMQf55y
76qZZ3785wYNOAws8jdFGlvhy3qHJ0bHRLEBx1GPTwhnAgMBAAGjUzBRMB0GA1Ud
DgQWBBRGjjeRpFbVY8glQ6Do4RZmPPAi5jAfBgNVHSMEGDAWgBRGjjeRpFbVY8gl
Q6Do4RZmPPAi5jAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQCX
50U/t1k058Yi/LpMgmAOjHOyyTG/6q3McHnrOzG7qnP4EujYN4rTsndCA0c/I4yC
dGn4rUUIYM/DkGefVR+1eqpzEtZzl2VyRXRj4yNfR8m4SOLSWMf4rw5566uCehf3
O2Jggnr5MiP4Px0kgJJHgKcv79LrC38W2tF9Dmq+KHzShUiD9tiHNT1yfDbqPjEE
ga46l1bJlda2jxY++5Q17tx6xoXvZwsxvMPg2C/Sk5MNsWHEkgrB9BPfi7Rw4HR8
xVbMgh3bAgwrymGvOlGxvqkMuEQibWmXggHJD9iQj6od9Myocg8DjdfjMiIbYJmE
JbMQeqiZXMfE9UqURzchuzny//H4wlmSRFjk1S7f1BMvWJ6H1U+SqL3eEcGXlwsI
BLKdg3cZb+5qwuNZktQ6wfBGBhRF6OveRyZK41SqEso0Y9Krqz+0yIS5R9Sx58WD
Nw+XGEIpptvfl9oCjgHxQxrFpUG0TqAVrgjXB+bLbEOmnA+cD/j/B+MVXs+SBPmc
zJ3D/2LyMa77KhBBcNd0HNBeCF4S6IIqjnhRYebndt43Kon8b6KRE0fuvFJ/LuWw
wZlNUkd9GXTeuWuOTnrBgOeQCtX85y3913aDZgrTogjFM4ePke/PcAZMwJC1n4QA
7gLABtr/FlnYDc37jW9BdCkCgU5lhh5kI8UHhO7x3Q==
-----END CERTIFICATE-----
EOF
)
# 查看 cacerts 文件的证书列表
keytool -list -keystore "${CACERTS_PATH}" -storepass changeit | grep -i example
find / -name cacerts 2>/dev/null
# 定义后面导入时操作的 cacerts 文件路径
CACERTS_PATH=/usr/local/openjdk-11/lib/security/cacerts
# 将 example.com 的根证书导入到 JRE 的 CA 认证列表
keytool -importcert -keystore "${CACERTS_PATH}" -storepass changeit -alias "Example.com's Root CA" -file <(cat <<EOF
-----BEGIN CERTIFICATE-----
MIIGGzCCBAOgAwIBAgIUEzPBy0oFI5vEmpVo/IieQBJo5K8wDQYJKoZIhvcNAQEL
BQAwgZsxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRQwEgYDVQQH
DAtMb3MgQW5nZWxlczEUMBIGA1UECgwLZXhhbXBsZS5jb20xDTALBgNVBAsMBElB
TkExHjAcBgNVBAMMFUV4YW1wbGUuY29tJ3MgUm9vdCBDQTEcMBoGCSqGSIb3DQEJ
ARYNaWFuYUBpYW5hLm9yZzAgFw0yMzA3MDYyMTE0NDFaGA8yMTIzMDYxMjIxMTQ0
MVowgZsxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRQwEgYDVQQH
DAtMb3MgQW5nZWxlczEUMBIGA1UECgwLZXhhbXBsZS5jb20xDTALBgNVBAsMBElB
TkExHjAcBgNVBAMMFUV4YW1wbGUuY29tJ3MgUm9vdCBDQTEcMBoGCSqGSIb3DQEJ
ARYNaWFuYUBpYW5hLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
AKrZx23sunlnyWlBtBIw6wWDssw4qXbGQLNhKEAA54EY+4HsfrtMA5W0FhtH6zlm
UGD60asltJIjNoWGbN+b7dH7Wks/ebdmLk5H0MgWGivX2yrbgFV6iF/5RZGHKTsq
5puQ0MZYuTUUEC9bQsZ7LlRtU32XuH77SAhJL+NnMbj7kg9jiEuzpDrFDwloqb+W
jGS3gl6ILUsIr3CS7ORrCrs2KW4TVQ1hp7zhC2iRXlJxtKaw0p2mIY6xSXBArDLs
lxQ1ohtD5pzL+g6ZCdqRKpab/K1p+UZwHiN0B+wXuQncVfPAGw6/fMlrELl5iSOY
JmM1FAndNW6EqNtQffetE/Sij3p51+Fihj69+2jRxbK8AIAbeunF+HXVauTiKTjx
f0L2Tt1E3wTsKOZAcO6FbTOajS/6FdIhiImGRQi7/R43atUHsDgS31ACUFPqzHbg
ViK46IAnI4XqXVfkRCLthl4Iim7SVeoG8rWEJt65VSYdFViEX0EAYEM7VuIs4DHP
VPLdRAzIYklK8+GOx1aLzdqeuNfvHmNQR8VZk3F20LzDk/77OT0MuwNsL0wLeu8y
yBjCya0QpItfpCOrgC9m+6FBErwVLRU9G7ec+SLMphEGi0P5IwXHyKZ5EsMQf55y
76qZZ3785wYNOAws8jdFGlvhy3qHJ0bHRLEBx1GPTwhnAgMBAAGjUzBRMB0GA1Ud
DgQWBBRGjjeRpFbVY8glQ6Do4RZmPPAi5jAfBgNVHSMEGDAWgBRGjjeRpFbVY8gl
Q6Do4RZmPPAi5jAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQCX
50U/t1k058Yi/LpMgmAOjHOyyTG/6q3McHnrOzG7qnP4EujYN4rTsndCA0c/I4yC
dGn4rUUIYM/DkGefVR+1eqpzEtZzl2VyRXRj4yNfR8m4SOLSWMf4rw5566uCehf3
O2Jggnr5MiP4Px0kgJJHgKcv79LrC38W2tF9Dmq+KHzShUiD9tiHNT1yfDbqPjEE
ga46l1bJlda2jxY++5Q17tx6xoXvZwsxvMPg2C/Sk5MNsWHEkgrB9BPfi7Rw4HR8
xVbMgh3bAgwrymGvOlGxvqkMuEQibWmXggHJD9iQj6od9Myocg8DjdfjMiIbYJmE
JbMQeqiZXMfE9UqURzchuzny//H4wlmSRFjk1S7f1BMvWJ6H1U+SqL3eEcGXlwsI
BLKdg3cZb+5qwuNZktQ6wfBGBhRF6OveRyZK41SqEso0Y9Krqz+0yIS5R9Sx58WD
Nw+XGEIpptvfl9oCjgHxQxrFpUG0TqAVrgjXB+bLbEOmnA+cD/j/B+MVXs+SBPmc
zJ3D/2LyMa77KhBBcNd0HNBeCF4S6IIqjnhRYebndt43Kon8b6KRE0fuvFJ/LuWw
wZlNUkd9GXTeuWuOTnrBgOeQCtX85y3913aDZgrTogjFM4ePke/PcAZMwJC1n4QA
7gLABtr/FlnYDc37jW9BdCkCgU5lhh5kI8UHhO7x3Q==
-----END CERTIFICATE-----
EOF
)
# 查看 cacerts 文件的证书列表
keytool -list -keystore "${CACERTS_PATH}" -storepass changeit | grep -i example
0
粤公网安备 44011802000481号 粤ICP备2020117634号