keytool命令的使用

## 打印全部證書指紋。若是是cacerts，則指本機安裝的jdk的key store；若是是一個jks文件，則是其餘key store
keytool -list -keystore <cacerts|xxx.jks> -storepass <changeit>
## 若是指定了-v選項，將以可讀格式打印證書
keytool -list -v -keystore <cacerts|xxx.jks> -storepass <changeit>
## 若是指定了-rfc選項，將以可打印的編碼格式輸出證書
keytool -list -rfc -keystore <cacerts|xxx.jks> -storepass <changeit>
# [e.g.]
keytool -list -rfc -keystore C:\jdk1.7.0_141\jre\lib\security\cacerts -storepass changeit >> certs.cer

## 導入證書到cacerts中
keytool -import -alias <cert name> -keystore <cacerts> -file <xxx.cer>
# [e.g.]
keytool -import -alias tpsoauth -keystore C:\jdk1.7.0_141\jre\lib\security\cacerts -file C:\Users\me\Desktop\tpsoauth.cer

## 導入key store到cacerts中
keytool -importkeystore -srckeystore <xxx.jks> -srcstorepass changeit -destkeystore <cacerts> -deststorepass <changeit>
# [e.g.]
keytool -importkeystore -srckeystore C:\Users\me\Desktop\cers\DEV_cacerts.jks -srcstorepass changeit -destkeystore C:\jdk1.7.0_141\jre\lib\security\cacerts -deststorepass changeit

## 刪除某個證書
keytool -delete -alias <cert name> -keystore <cacerts>
# [e.g.]
keytool -delete -alias tpsoauth -keystore C:\jdk1.7.0_141\jre\lib\security\cacerts