问题
I am just attempting to use the java keytool but I cannot figure out how to set the hostname.
This is what is how I am attempting:
hostname[username:/this/is/a/path][640]% keytool -keystore server.keystore -genkeypair -alias hostname
Enter keystore password:
Re-enter new password:
What is your first and last name?
[Unknown]: hostname
What is the name of your organizational unit?
[Unknown]: hostname
What is the name of your organization?
[Unknown]: hostname
What is the name of your City or Locality?
[Unknown]: hostname
What is the name of your State or Province?
[Unknown]: hostname
What is the two-letter country code for this unit?
[Unknown]: CA
Is CN=hostname, OU=hostname, O=hostname, L=hostname, ST=hostname, C=CA correct?
[no]: yes
Enter key password for <hostname>
(RETURN if same as keystore password):
hostname[username:/this/is/a/path][641]%
Since I have set all fields to hostname can I assume that my hostname is set to hostname?
回答1:
CN=hostname - it's the first option you're being asked for here. It's confusing that keytool refers to it as "first and last name".
回答2:
According to the section 3.1 "Server Identity" of RFC 2818 "HTTP over TLS", a client is supposed to compare the CN (Common Name) portion of the subject DN (Distinguished Name) in the server certificate to the DNS host name in the URL.
So use the Common Name (CN) for the hostname (the first question of the keytool).
来源:https://stackoverflow.com/questions/2200088/keytool-set-hostname