ElasticSearch折腾记
openssl创建的服务器证书用一下命令转成pkcs12格式的证书后,只有服务器的证书,没有ca证书
openssl cannot store ca to pkcs12 cert
openssl pkcs12 -export -in ${SHARE_DIR}/ubuntu/cert/certs/xiamu.com.cert -inkey ${SHARE_DIR}/ubuntu/cert/xiamu.com/private/xiamu.com.key -out ${SHARE_DIR}/ubuntu/cert/certs/xiamu.com.p12
需要使用一下命令讲证书导入,
need use keytool add ca cert to pkcs12 cert
keytool -importcert -storetype PKCS12 -keystore ${SHARE_DIR}/ubuntu/cert/certs/xiamu.com.p12 -alias ca -file ${SHARE_DIR}/ubuntu/cert/certs/ca.chain.cert