
[Original] Fiddling with a free signed certificate from StartSSL and deploying it to Tomcat

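2016-03-22 16:23
Background:

I needed SSL, so I first set things up with a self-signed certificate. In a browser you just choose to ignore the warning and everything works (plenty of China Mobile's back-end systems are like this), but that does not work well when a program calls the interface, so I still wanted a properly signed certificate. It seems only StartSSL is free! (I found out later that they charge if you want to revoke a certificate.)

I searched and found some articles, but a lot of what they said felt misleading and cost me more than a day of fiddling. I am writing this down right away: next time it will be a ten-minute job, and I hope it saves others from the same detours.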

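Main text:

Reference 1: Tomcat 7 SSL HOW-TO: https://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html
Reference 2: [How-To] Install Startcom Certificate with Tomcat on Linux: https://forum.startcom.org/viewtopic.php?f=2&t=2650
These two pages are really all you need: one is the official documentation, the other a step-by-step walkthrough.

Here is my own summary (for the actual procedure, just read the text in blue):

1. A self-signed certificate provides encrypted communication but not identity authentication. Getting a certificate signed by StartSSL is what solves the latter. The overall procedure is therefore:

Self-sign (generate the key) -> use the self-signed key to request a CA signature -> deploy the returned signed certificate to the server

That is: selfsign (genkey) -> certreq -> importcert (keytool's options seem rather loose: are genkey and genkeypair interchangeable? import and importcert? Either way, it left me confused while doing this.)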

2. Self-sign (generate the key):

keytool -genkeypair -alias tomcat -keyalg "RSA" -keystore 【xxx.jks】

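* 【xxx.jks】 is the file name of your keystore (same below)

3. Generate a CSR from the self-signed key, to submit to StartSSL for signing:

keytool -certreq -alias tomcat -keyalg "RSA" -keystore 【xxx.jks】

4. StartSSL returns the signed certificate as a zip archive containing four packages: apache, nginx, iis and other. I took it for granted that I only needed the apache package, which contains two files: the root certificate and the certificate for the domain you applied for. I went round and round with these two files many times: importing the root certificate worked, but importing the second certificate failed every time. Reference 1 above says a root plus a domain certificate is enough, whereas Reference 2 mentions three certificates, and I puzzled for a long time over why I only had two. Finally I opened the other package and found that it contains three certificates. Importing them in order worked without problems. After configuring the keystore in Tomcat, the certificate warning no longer appeared.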

keytool -importcert -alias startsslroot -file root.crt -keystore 【xxx.jks】

keytool -importcert -alias startsslintermediate -file 1_Intermediate.crt -keystore 【xxx.jks】

keytool -importcert -alias tomcat -file 【your domain name】.crt -keystore 【xxx.jks】

* The three crt files are startssl
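The failure described in step 4 (the domain certificate is rejected while only the root is in the keystore) can be reproduced offline. The script below is an added example, not part of the original post: it needs a JDK's keytool on the PATH and builds a throwaway root and intermediate CA in place of StartSSL's; the CA aliases, CN values, the file name domain.crt and the password are assumptions.

```sh
#!/bin/sh
# Constructed demo: a throwaway root and intermediate CA built with keytool stand in
# for StartSSL's root.crt and 1_Intermediate.crt. CA aliases, CNs, the file name
# domain.crt and the password are assumptions for this example.
PW=changeit
kt() { keytool -J-Duser.language=en -storepass "$PW" "$@"; }

# newkey KEYSTORE ALIAS CN [extra keytool options]: generate a self-signed RSA key pair.
newkey() {
  ks=$1 al=$2 cn=$3; shift 3
  kt -genkeypair -alias "$al" -keyalg RSA -keysize 2048 -validity 30 \
     -dname "CN=$cn" -keypass "$PW" -keystore "$ks" "$@"
}

# Create the server keystore plus root.crt, 1_Intermediate.crt and domain.crt in dir $1.
build_demo() {
  d=$1
  newkey "$d/ca.jks" root "Demo Root CA" -ext bc:c
  newkey "$d/ca.jks" inter "Demo Intermediate CA" -ext bc:c
  newkey "$d/server.jks" tomcat "demo.example"            # step 2: key pair
  kt -exportcert -alias root -rfc -keystore "$d/ca.jks" > "$d/root.crt"
  kt -certreq -alias inter -keystore "$d/ca.jks" |
    kt -gencert -alias root -ext BC=0 -rfc -keystore "$d/ca.jks" > "$d/1_Intermediate.crt"
  kt -certreq -alias tomcat -keystore "$d/server.jks" |   # step 3: CSR
    kt -gencert -alias inter -rfc -keystore "$d/ca.jks" > "$d/domain.crt"
}

# import_cert DIR ALIAS FILE: step 4 import; returns keytool's exit status.
import_cert() {
  kt -importcert -noprompt -alias "$2" -file "$1/$3" -keystore "$1/server.jks" >/dev/null 2>&1
}

# Print the length of the certificate chain stored with the tomcat key entry.
chain_length() {
  kt -list -v -alias tomcat -keystore "$1/server.jks" 2>/dev/null |
    sed -n 's/^Certificate chain length: //p'
}

demo() {
  w=$(mktemp -d); build_demo "$w" 2>/dev/null
  import_cert "$w" startsslroot root.crt
  import_cert "$w" tomcat domain.crt || echo "root only: reply rejected, chain cannot be built"
  import_cert "$w" startsslintermediate 1_Intermediate.crt
  import_cert "$w" tomcat domain.crt && echo "chain length: $(chain_length "$w")"
  rm -rf "$w"
}
if [ "${1:-}" = demo ]; then demo; fi
```

Saved to a file and run with the argument `demo`, it shows the reply being rejected with only the root present, then installed with a chain of three certificates once the intermediate has been imported.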



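Edit, 2016/04/01:

I found that although browsers accept this certificate, calls made from Java still do not. I looked at Java's built-in certificate store and indeed there is no StartCom entry in it, so it looks like I will have to import it myself. I wonder whether any of these certificate authorities are free?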

C:\Program Files\Java\jdk1.8.0_05\jre\lib\security>keytool -list -keystore cacerts

输入密钥库口令:

密钥库类型: JKS

密钥库提供方: SUN

您的密钥库包含 81 个条目
