我按照以下说明在Apache Tomcat中安装GoDaddy证书:
http://support.godaddy.com/help/article/5239/generating-a-csr-and-installing-an-ssl-certificate-in-tomcat-4x5x6x?locale=en
但是,在步骤中引用了根证书,中间证书和证书。 我怎么知道哪个文件是哪个?
这些是我在下载中收到的三个文件的名称。 我已经尝试在Windows中打开每个只需双击,但我没有看到他们的types的参考。
gd_bundle-G2-g1.crt
gdig2.crt
2b9918dccf2f1d.crt
gd_bundle-g2-g1.crt :Go Daddy证书包 – G2 Cross with G1,包含Root gdig2.crt :去爸爸安全服务器证书(中级证书) – G2 2b9918dccf2f1d.crt :您的证书 来源: https : //certs.godaddy.com/anonymous/repository.pki
你可以使用openssl的x509子命令:
openssl x509 -subject -issuer -noout -in cert.pem
并检查输出。 应该是自我解释。
一个例子:
$ openssl x509 -noout -issuer -subject -in gd-class2-root.crt issuer= /C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority subject= /C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority $ openssl x509 -noout -issuer -subject -in gd_intermediate.crt issuer= /C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority subject= /C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certificates.godaddy.com/repository/CN=Go Daddy Secure Certification Authority/serialNumber=07969287
您也可以validation信任链:
$ openssl verify -CAfile gd-class2-root.crt gd_intermediate.crt gd_intermediate.crt: OK