*. Official method reference:
http://verisign.itrus.com.cn/html/fuwuyuzhichi/fuwuqizhengshuanzhuangpeizhizhinan/ Here is a Linux reference example: Before implementing the certificate upgrade, the sub-center needs to import the third-party certificate into the cacerts certificate store. The steps to import a certificate are summarized below. 1. If the unified authentication application is running in the java environment, find the java_home directory of the system Under Linux, you can find it with the following command: echo $JAVA_HOME /java/jdk1.7 2. Go to the security directory under $JAVA_HOME: cd /java/jdk/jre/lib/security 3. Use the following command to delete the old certificate. Note that the alias parameter should be modified and deleted according to the actual certificate alias of the server. Do not delete it by mistake. keytool -delete -alias server -keystore relative path cacerts 4. Download the attached 3 certificates to the unified authentication server Suppose the stored path is: /java/jdk/jre/lib/security/sso 5. To install the certificate, first locate the /java/jdk/jre/lib/security directory keytool -import -alias server -keystore cacerts -file server.cer [Enter KeyStore password, default: 123456] Trust this certificate? [no]: yes Certificate was added to keystore 6. Import the other two intermediate certificates: keytool -import -alias 1 -keystore cacerts -file 1.cer keytool -import -alias 2 -keystore cacerts -file 2.cer 6.1 Check whether the certificate is valid keytool -list -keystore relative path cacerts 7. Restart the service Must restart to take effect
-------------------------------------------------- -------Resource List----------------------------------------- -----------------------
*, reference resources
http://www.itrus.cn/service_view_79.html http://www.cnblogs.com/AloneSword/p/3244434.html