Azkaban-3.x 生成 keystore 和 truststore 文件

1. 生成keystore

  • 我这里所有需要输入的密码都是azkaban
  • 建议回答的问题是最后的CN,其他可以选择性的填,不填的话直接回车就可以,最后的确认信息回复y是必填的
[hadoop@beh07 conf]$ keytool -genkey -keystore keystore -alias jetty-azkaban -keyalg RSA -validity 3560
Enter keystore password:  
Re-enter new password: 
What is your first and last name?
  [Unknown]:  Jed
What is the name of your organizational unit?
  [Unknown]:  
What is the name of your organization?
  [Unknown]:  
What is the name of your City or Locality?
  [Unknown]:  Beijing
What is the name of your State or Province?
  [Unknown]:  Beijing
What is the two-letter country code for this unit?
  [Unknown]:  CN
Is CN=Jed, OU=Unknown, O=Unknown, L=Beijing, ST=Beijing, C=CN correct?
  [no]:  y

Enter key password for <jetty-azkaban>
    (RETURN if same as keystore password):  
Re-enter new password: 


[hadoop@beh07 conf]$ keytool -export -alias jetty-azkaban -keystore keystore -rfc -file selfsignedcert.cer
Enter keystore password:  
Certificate stored in file <selfsignedcert.cer>

2. 生成truststore

[hadoop@beh07 conf]$ keytool -import -alias certificatekey -file selfsignedcert.cer -keystore truststore
Enter keystore password:  
Re-enter new password: 
Owner: CN=Jed, OU=Unknown, O=Unknown, L=Beijing, ST=Beijing, C=CN
Issuer: CN=Jed, OU=Unknown, O=Unknown, L=Beijing, ST=Beijing, C=CN
Serial number: 2e6a45b4
Valid from: Fri Aug 23 13:59:03 CST 2019 until: Tue May 22 13:59:03 CST 2029
Certificate fingerprints:
     MD5:  60:59:8C:F3:51:78:7D:0F:37:5B:06:5F:9A:DC:B3:D4
     SHA1: F8:16:A3:F0:25:A2:FB:D2:FA:B4:DE:43:5A:3F:B8:4B:40:48:87:32
     SHA256: 0D:07:B4:46:D8:6B:A8:B6:3B:B6:23:92:05:DE:CF:C4:7C:EA:D9:03:ED:3B:F4:B1:43:4B:74:89:5E:35:2F:6A
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

Extensions: 

#1: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: F2 3D 1F 15 39 31 33 8D   B2 77 B0 2B E7 14 71 D4  .=..913..w.+..q.
0010: 93 17 95 BE                                        ....
]
]

Trust this certificate? [no]:  y
Certificate was added to keystore

最后在你执行命令的目录下会生成3个文件:

keystore
selfsignedcert.cer
truststore

本文参与腾讯云自媒体分享计划,欢迎正在阅读的你也加入,一起分享。

发表于

我来说两句

0 条评论
登录 后参与评论

扫码关注云+社区

领取腾讯云代金券