java diff keytool cacerts

How can I "diff" two cacerts files?


I have two Tomcat servers, with different "cacerts" files. On one, running "keytool -list -keystore cacerts" says my keystore contains 95 entries, on the other, it says 96. I tried saving the list outputs and running diff against them, but the certificates seem to be in different orders. Before I write something, is there an intelligent utility to tell me the differences between the files? Thanks!


Solution

  • Use sort:

    user@host1$ keytool -list -keystore cacerts | sort > certs1
    user@host2$ keytool -list -keystore cacerts | sort > certs2
    

    then copy both files to a single host and diff:

    diff certs1 certs2
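
An added example, not part of the original answer: `keytool -list` prints each entry on two lines (an alias line, then a fingerprint line), so this script pairs them and compares two saved listings by fingerprint, which makes entry order and alias names irrelevant. The function names and the sample listings are constructed for illustration, and it assumes aliases contain no commas.

```shell
#!/bin/sh
# Added example: compare two saved `keytool -list` outputs by fingerprint.
TAB=$(printf '\t')

# Print "FINGERPRINT<TAB>alias" for every entry in a saved listing, sorted.
pair_entries() {
    awk '
        /^Certificate fingerprint/ {          # second line of an entry
            if (alias != "") print $NF "\t" alias
            alias = ""; next
        }
        /,/ { alias = $0; sub(/,.*/, "", alias) }   # "alias, date, type,"
    ' "$1" | LC_ALL=C sort
}

# List certificates present in only one listing; order and alias are ignored.
compare_stores() {
    a=$(mktemp); b=$(mktemp)
    pair_entries "$1" > "$a"; pair_entries "$2" > "$b"
    LC_ALL=C join -t "$TAB" -v 1 "$a" "$b" | sed 's/^/only in first:  /'
    LC_ALL=C join -t "$TAB" -v 2 "$a" "$b" | sed 's/^/only in second: /'
    rm -f "$a" "$b"
}

# Constructed sample listings (shortened, made-up fingerprints).
demo=$(mktemp -d)
cat > "$demo/host1.txt" <<'EOF'
Keystore type: JKS
Your keystore contains 2 entries

exampleroot1, Jan 1, 2020, trustedCertEntry,
Certificate fingerprint (SHA1): AA:AA:AA:01
exampleroot2, Jan 1, 2020, trustedCertEntry,
Certificate fingerprint (SHA1): BB:BB:BB:02
EOF
cat > "$demo/host2.txt" <<'EOF'
Keystore type: JKS
Your keystore contains 3 entries

internal-ca, Mar 3, 2021, trustedCertEntry,
Certificate fingerprint (SHA1): CC:CC:CC:03
root2-renamed, Jan 1, 2020, trustedCertEntry,
Certificate fingerprint (SHA1): BB:BB:BB:02
exampleroot1, Jan 1, 2020, trustedCertEntry,
Certificate fingerprint (SHA1): AA:AA:AA:01
EOF
compare_stores "$demo/host1.txt" "$demo/host2.txt"
```

An extra trusted root on one host is the line worth reviewing: the renamed alias with a matching fingerprint is not reported, while the certificate that exists on only one server is.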