如何进入无密码保护的 Java 密钥库或更改密码?
我正在尝试将受信任的证书导入 Java cacerts 密钥库,但我有一个问题。我尝试列出现有的受信任证书,但密钥库似乎不受密码保护。
$ keytool -list -keystore cacerts
Enter keystore password:
***************** WARNING WARNING WARNING *****************
* The integrity of the information stored in your keystore *
* has NOT been verified! In order to verify its integrity, *
* you must provide your keystore password. *
***************** WARNING WARNING WARNING *****************
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 76 entries
我尝试导入受信任的证书:
$ keytool -importcert -alias "JiraCert" -file /root/c9ssl.crt -keystore /etc/java-6-sun/security/cacerts
Enter keystore password:
Keystore password is too short - must be at least 6 characters
Enter keystore password:
Keystore password is too short - must be at least 6 characters
Enter keystore password:
Keystore password is too short - must be at least 6 characters
Too many failures - try later
我还尝试将密码从“无”更改为:
$ keytool -storepasswd -keystore cacerts.back
Enter keystore password:
Keystore password is too short - must be at least 6 characters
Enter keystore password:
Keystore password is too short - must be at least 6 characters
Enter keystore password:
Keystore password is too short - must be at least 6 characters
Too many failures - try later
I'm trying to import a trusted certificated into the Java cacerts keystore, but I have a problem. I tried to list existing trusted certificates and it seems that the keystore isn't password protected.
$ keytool -list -keystore cacerts
Enter keystore password:
***************** WARNING WARNING WARNING *****************
* The integrity of the information stored in your keystore *
* has NOT been verified! In order to verify its integrity, *
* you must provide your keystore password. *
***************** WARNING WARNING WARNING *****************
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 76 entries
I tried to import a trusted certificate:
$ keytool -importcert -alias "JiraCert" -file /root/c9ssl.crt -keystore /etc/java-6-sun/security/cacerts
Enter keystore password:
Keystore password is too short - must be at least 6 characters
Enter keystore password:
Keystore password is too short - must be at least 6 characters
Enter keystore password:
Keystore password is too short - must be at least 6 characters
Too many failures - try later
I also tried to change the password from "none" to something:
$ keytool -storepasswd -keystore cacerts.back
Enter keystore password:
Keystore password is too short - must be at least 6 characters
Enter keystore password:
Keystore password is too short - must be at least 6 characters
Enter keystore password:
Keystore password is too short - must be at least 6 characters
Too many failures - try later
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(5)
密钥库默认密码为:“changeit”。我按照您在此处输入的命令运行,以导入证书。我希望你已经解决了你的问题。
The password of keystore by default is: "changeit". I functioned to my commands you entered here, for the import of the certificate. I hope you have already solved your problem.
如果处理 Android 的 Google 登录,调试密钥库的密码是
android,如下所示:https://developers.google.com/android/guides/client-authIn case if dealing with Google sign-in for android, the password for the debug keystore is
android, as specified in here: https://developers.google.com/android/guides/client-authMac Mountain Lion 现在使用 Oracle 时具有相同的密码。
Mac Mountain Lion has the same password now it uses Oracle.
可以借助 Java 编程语言本身来进入不受密码保护的 Java 密钥库并更改密码。
该文章包含以下代码:
thetechawesomeness.ideasmatter.info
Getting into a non-password protected Java keystore and changing the password can be done with a help of Java programming language itself.
That article contains the code for that:
thetechawesomeness.ideasmatter.info
这是一个错误的假设。如果您仔细阅读,您会发现提供的列表没有验证密钥库的完整性,因为您没有提供密码。该列表不需要密码,但您的密钥库肯定有密码,如下所示:
Java 的默认 cacerts 密码是“changeit”,除非您使用的是 Mac,在某种程度上它是“changeme”。显然,从 Mountain Lion 开始(基于此处的评论和另一个答案),Mac 的密码现在也是“changeit”,可能是因为 Oracle 现在也在处理 Mac JVM 的分发。
That's a false assumption. If you read more carefully, you'll find that the listing was provided without verifying the integrity of the keystore because you didn't provide the password. The listing doesn't require a password, but your keystore definitely has a password, as indicated by:
Java's default cacerts password is "changeit", unless you're on a Mac, where it's "changeme" up to a certain point. Apparently as of Mountain Lion (based on comments and another answer here), the password for Mac is now also "changeit", probably because Oracle is now handling distribution for the Mac JVM as well.