开发者

Running keytool, getting an error with the -file param?

开发者 https://www.devze.com 2023-02-15 23:52 出处:网络
I\'m reading this article about how to allow a self-signed cert to be used by an android client: http://blog.crazybob.org/2010/02/android-trusting-ssl-certificates.html#comment-form

I'm reading this article about how to allow a self-signed cert to be used by an android client:

http://blog.crazybob.org/2010/02/android-trusting-ssl-certificates.html#comment-form

On step 2, I have to run a few commands, but I'm not too familiar with the shell and am getting a syntax error when trying to run the following:

export CLASSPATH="/Users/me/Desktop/lib/java/bouncycastle/bcprov-jdk16-145.jar"
CERTSTORE=res/raw/mystore.bks
if [ -a $CERTSTORE ]; then
    rm $CERTSTORE || exit 1
fi
keytool \
  -import \
  -v \
  -trustcacerts \
  -alias 0 \
  -file <(openssl x509 -in mycert.pem) \
  -keystore $CERTSTORE \
  -storetype BKS \
  -provider org.bouncycastle.jce.provider.BouncyCastleProvider \
  -providerpath /usr/share/java/bcprov.jar \
  -storepass mypassword

The error I get when I run:

./test.sh: line 11: syntax error near unexpected token `('
./test.sh: line 11: `  -file <(openssl x509 -in mycert.pem) \'

So the -file syntax is problematic, b开发者_如何学Cut I'm not sure what to change this to, because I don't know what syntax the -file param can handle.

Anyone have any idea? I'm on mac 10.6,

Thanks

--------- Update ---------------

If I replace the "<" character with "$", I get the following exception when executed:

java.lang.RuntimeException: Usage error, CERTIFICATE----- is not a legal command
  at sun.security.tools.KeyTool.parseArgs(KeyTool.java:375)
  at sun.security.tools.KeyTool.run(KeyTool.java:171)
  at sun.security.tools.KeyTool.main(KeyTool.java:166)

hmm I'm not understanding which arg the exception is telling me is bad though. Script updated looks like:

export CLASSPATH="/Users/me/Desktop/lib/java/bouncycastle/bcprov-jdk16-145.jar"
CERTSTORE=res/raw/mystore.bks
if [ -a $CERTSTORE ]; then
  rm $CERTSTORE || exit 1
fi
keytool \
  -import \
  -v \
  -trustcacerts \
  -alias 0 \
  -file $(openssl x509 -in mycert.pem) \
  -keystore $CERTSTORE \
  -storetype BKS \
  -provider org.bouncycastle.jce.provider.BouncyCastleProvider \
  -providerpath /usr/share/java/bcprov.jar \
  -storepass mypassword

Thanks!


You may not be running Bash. The <() is called process substitution. Some other shells support it, but the Bourne shell does not.

It creates an anonymous named pipe, so the -file sees a filename, but the file contents are really the output of openssl x509 command.

You can probably solve the problem by making sure that the first line in the script is:

#!/bin/bash
0

精彩评论

暂无评论...
验证码 换一张
取 消