一、生成金鑰庫和證書
1、生成伺服器證書庫
keytool -validity 365 -genkey -v -alias uyun -keyalg rsa -keystore /opt/uem/keystore/uyun.keystore -dname "cn=192.168.16.163,ou=broada,o=broada,l=hangzhou,st=hangzhou,c=cn" -storepass uyuncollector -keypass uyuncollector
2、生成客戶端證書庫
keytool -validity 365 -genkeypair -v -alias client -keyalg rsa -storetype pkcs12 -keystore /opt/uem/keystore/client.p12 -dname "cn=client,ou=broada,o=broada,l=hangzhou,st=hangzhou,c=cn" -storepass uyuncollector -keypass uyuncollector
3、從客戶端證書庫中匯出客戶端證書
keytool -export -v -alias client -keystore /opt/uem/keystore/client.p12 -storetype pkcs12 -storepass uyuncollector -rfc -file /opt/uem/keystore/client.cer
4、從伺服器證書庫中匯出服務端證書
keytool -export -v -alias uyun -keystore /opt/uem/keystore/uyun.keystore -storepass uyuncollector -rfc -file /opt/uem/keystore/uyun.cer
5、生成客戶端信任證書庫(由服務端證書生成的證書庫)
命令:
keytool -import -v -alias uyun -file /opt/uem/keystore/uyun.cer -keystore /opt/uem/keystore/client.truststore -storepass uyuncollector
成功結果:
[root@uem bin]# keytool -import -v -alias uyun -file /opt/uem/keystore/uyun.cer -keystore /opt/uem/keystore/client.truststore -storepass uyuncollectorowner: cn=192.168.16.163, ou=broada, o=broada, l=hangzhou, st=hangzhou, c=cn
issuer: cn=192.168.16.163, ou=broada, o=broada, l=hangzhou, st=hangzhou, c=cn
serial number: 21210db8
valid from: wed jul 15 11:39:18 cst 2015 until: thu jul 14 11:39:18 cst 2016
certificate fingerprints:
md5: 82:37:f3:44:19:93:94:a5:e7:6a:60:3a:aa:cf:8b:80
sha1: 17:a6:24:a4:3d:0b:d3:8f:50:5a:8e:91:e8:1d:23:72:6c:d1:3d:38
sha256: f0:a9:ec:85:06:64:e9:5d:d6:7b:65:9c:40:7d:df:2c:c1:b5:41:08:cc:86:e1:1b:4a:3a:a3:0c:e2:f1:44:41
signature algorithm name: sha256withrsa
version: 3
extensions:
#1: objectid: 2.5.29.14 criticality=false
subjectkeyidentifier [
keyidentifier [
0000: 02 e6 cd 31 be f0 54 84 d1 b5 a3 e7 dc 2e 03 5b ...1..t........[
0010: f2 22 05 0d ."..]]
trust this certificate? [no]: y
certificate was added to keystore
[storing /opt/uem/keystore/client.truststore]
6、將客戶端證書匯入到伺服器證書庫(使得伺服器信任客戶端證書)
keytool -import -v -alias client -file /opt/uem/keystore/client.cer -keystore /opt/uem/keystore/uyun.keystore -storepass uyuncollector
成功結果:
[root@uem bin]# keytool -import -v -alias client -file /opt/uem/keystore/client.cer -keystore /opt/uem/keystore/uyun.keystore -storepass uyuncollectorowner: cn=client, ou=broada, o=broada, l=hangzhou, st=hangzhou, c=cn
issuer: cn=client, ou=broada, o=broada, l=hangzhou, st=hangzhou, c=cn
serial number: 2dac5990
valid from: wed jul 15 11:44:12 cst 2015 until: thu jul 14 11:44:12 cst 2016
certificate fingerprints:
md5: 8b:80:ce:db:5a:1a:b7:91:0f:46:93:1c:82:03:c6:7c
sha1: 7d:6b:1e:68:7d:9e:04:8b:b4:12:51:61:89:46:56:06:c2:50:5c:94
sha256: 25:fe:36:79:7e:0c:9a:9f:dd:95:db:92:82:c1:fc:c1:bd:bb:6b:05:d8:84:52:33:fe:5f:8d:25:23:00:e0:86
signature algorithm name: sha256withrsa
version: 3
extensions:
#1: objectid: 2.5.29.14 criticality=false
subjectkeyidentifier [
keyidentifier [
0000: c4 52 cc cc 7a b0 b5 ca b6 cf e1 f9 53 7e 91 69 .r..z.......s..i
0010: 03 1c b2 69 ...i]]
trust this certificate? [no]: y
certificate was added to keystore
[storing /opt/uem/keystore/uyun.keystore]
7、檢視證書庫中的全部證書:
keytool -list -keystore /opt/uem/keystore/uyun.keystore -storepass uyuncollector
結果:[root@uem bin]# keytool -list -keystore /opt/uem/keystore/uyun.keystore -storepass uyuncollector
keystore type: jks
keystore provider: sun
your keystore contains 2 entries
client, jul 15, 2015, trustedcertentry,
certificate fingerprint (sha1): 7d:6b:1e:68:7d:9e:04:8b:b4:12:51:61:89:46:56:06:c2:50:5c:94
uyun, jul 15, 2015, privatekeyentry,
certificate fingerprint (sha1): 17:a6:24:a4:3d:0b:d3:8f:50:5a:8e:91:e8:1d:23:72:6c:d1:3d:38
C 使用HttpClient進行http操作
在.net 4.5中增加了乙個新的system.net.http.httpclient名字空間 在 system.net.http.dll 中 其中 提供了用於傳送 http 請求和接收 http 響應的api。string body await client.getstringasync uri ...
使用 HttpClient 4 進行檔案上傳
1.概述 本教程我們將描述如何使用httpclient 4進行一次多檔案上傳操作.我們將使用 作為測試伺服器,因為它是面向公眾的,並且接受大多數型別的內容.如果你想要深入學習並了解你可以使用 httpclient 做到的其它很棒的事情 那就去看看首要的 httpclient 教程吧 2.使用 add...
使用 HttpClient 4 進行檔案上傳
1.概述 本教程我們將描述如何使用httpclient 4進行一次多檔案上傳操作.我們將使用 作為測試伺服器,因為它是面向公眾的,並且接受大多數型別的內容.如果你想要深入學習並了解你可以使用 httpclient 做到的其它很棒的事情 那就去看看首要的 httpclient 教程吧 2.使用 add...