2

我正在尝试在没有运气的 ahsayobs 上设置 SSL。第一步是删除机器上安装的默认证书。我正在运行 Java 1.6 版。这是我正在做的事情:

[root@backup ~]# /data/obs_6.5/java-linux-x86/bin/keytool –delete –alias tomcat –keystore /Applications/AhsayOBS/conf/keystore
keytool error: java.lang.RuntimeException: Usage error, –delete is not a legal command
[root@backup ~]# /data/obs_6.5/java-linux-x64/bin/keytool –delete –alias tomcat –keystore /Applications/AhsayOBS/conf/keystore
keytool error: java.lang.RuntimeException: Usage error, –delete is not a legal command
[root@backup ~]# /data/obs/java-linux-x64/bin/keytool –delete –alias tomcat –keystore /Applications/AhsayOBS/conf/keystore
keytool error: java.lang.RuntimeException: Usage error, –delete is not a legal command

下一步是创建一个 CSR,它也随Usage error, –genkey is not a legal command. 这就像keytool甚至没有安装。但我没有得到那个错误,并locate keytool为它显示了几个不同的位置(我都试过了)。每个都显示相同的错误。关于我做错了什么的任何想法?

编辑

哦,天哪...看来我从(keytool -delete -alias...等)复制/粘贴命令的文章没有使用常规连字符,这就是它被抛弃的原因。这是我最后使用的:

### First, delete the previous keystore file
/data/obs_6.5/java-linux-x86/bin/keytool -delete -alias tomcat -keystore /data/obs/conf/keystore

### Then, create a new keystore file
/data/obs_6.5/java-linux-x86/bin/keytool -genkey -alias tomcat -keyalg RSA -keysize 2048 -keystore /data/obs/conf/keystore

### You will be asked for normal SSL info such as your name, department, company, etc.

/data/obs_6.5/java-linux-x86/bin/keytool -certreq -keyalg RSA -alias tomcat -keystore /data/obs/conf/keystore

### Save the intermediate certificate and the SSL certificate into the /data/obs/conf/ folder
### Use the below commands to import them into the keytool
/data/obs_6.5/java-linux-x86/bin/keytool -import -alias intermed -trustcacerts -file sf_intermediate.crt -keystore /data/obs/conf/keystore
/data/obs_6.5/java-linux-x86/bin/keytool -import -alias tomcat -trustcacerts -file backup.atomicx.com.crt -keystore /data/obs/conf/keystore

### Check the keytool to make sure it was successful
/data/obs_6.5/java-linux-x86/bin/keytool -list -alias tomcat -keystore /data/obs/conf/keystore

### Make sure /data/obs/conf/server.xml has the correct keystore folder path
<-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 --> <!-- <Connector port="8443" maxThreads="200"
scheme="https" secure="true" SSLEnabled="true"
keystoreFile="path to your keystore file" keystorePass="changeit" clientAuth="false" sslProtocol="TLS"/>
4

1 回答 1

3

我发现我复制并粘贴了命令的位置,连字符实际上不是连字符,而是破折号。一旦我更换了这些,我就不再收到错误了。但是,这是我当时所做的一切,以防有人需要。

### First, delete the previous keystore file
/data/obs_6.5/java-linux-x86/bin/keytool -delete -alias tomcat -keystore /data/obs/conf/keystore

### Then, create a new keystore file
/data/obs_6.5/java-linux-x86/bin/keytool -genkey -alias tomcat -keyalg RSA -keysize 2048 -keystore /data/obs/conf/keystore

### You will be asked for normal SSL info such as your name, department, company, etc.

/data/obs_6.5/java-linux-x86/bin/keytool -certreq -keyalg RSA -alias tomcat -keystore /data/obs/conf/keystore

### Save the intermediate certificate and the SSL certificate into the /data/obs/conf/ folder
### Use the below commands to import them into the keytool
/data/obs_6.5/java-linux-x86/bin/keytool -import -alias intermed -trustcacerts -file sf_intermediate.crt -keystore /data/obs/conf/keystore
/data/obs_6.5/java-linux-x86/bin/keytool -import -alias tomcat -trustcacerts -file backup.atomicx.com.crt -keystore /data/obs/conf/keystore

### Check the keytool to make sure it was successful
/data/obs_6.5/java-linux-x86/bin/keytool -list -alias tomcat -keystore /data/obs/conf/keystore

### Make sure /data/obs/conf/server.xml has the correct keystore folder path, and that it uses the same password that you set earlier
<-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 --> <!-- <Connector port="8443" maxThreads="200"
scheme="https" secure="true" SSLEnabled="true"
keystoreFile="path to your keystore file" keystorePass="changeit" clientAuth="false" sslProtocol="TLS"/>
于 2013-06-21T17:52:37.910 回答