I have two Tomcat servers, with different “cacerts” files. On one, running “keytool -list -keystore cacerts” says my keystore contains 95 entries, on the other, it says 96. I tried saving the list outputs and running diff against them, but the certificates seem to be in different orders. Before I write something, is there an intelligent utility to tell me the differences between the files? Thanks!
user@host1$ keytool -list -keystore cacerts | sort > certs1
user@host2$ keytool -list -keystore cacerts | sort > certs2
Then copy both files to a single host and diff:
diff certs1 certs2
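An added example, not part of the original answer: it compares two saved `keytool -list` outputs by certificate fingerprint instead of by sorted line, so a certificate stored under a different alias or import date on the second host is not reported as a difference. It assumes the default two-line listing (an `alias, date, type,` line followed by a `Certificate fingerprint (...)` line); the function names `fp_index` and `only_in` and the sample listings are constructed for illustration.

```sh
#!/bin/sh
export LC_ALL=C   # stable sort order regardless of locale

# fp_index: `keytool -list` text on stdin -> "FINGERPRINT<TAB>alias" lines, sorted.
fp_index() {
  awk '
    /Entry,[ \t]*$/            { alias = $0; sub(/, .*/, "", alias); next }
    /^Certificate fingerprint/ { fp = $0; sub(/^[^:]*: */, "", fp); print fp "\t" alias }
  ' | sort
}

# only_in A B: entries whose fingerprint is listed in file A but not in file B.
only_in() {
  other=$(mktemp)
  fp_index < "$2" > "$other"
  fp_index < "$1" | awk -F '\t' -v other="$other" '
    BEGIN { while ((getline line < other) > 0) { split(line, f, "\t"); seen[f[1]] } }
    !($1 in seen)'
  rm -f "$other"
}

# Constructed sample listings (shortened, made-up fingerprints; not real CA certificates).
work=$(mktemp -d)
cat > "$work/host1.txt" <<'EOF'
Keystore type: JKS
Your keystore contains 2 entries

rootca-a, Jan 5, 2015, trustedCertEntry,
Certificate fingerprint (SHA-256): AA:11:22:33
rootca-b, Mar 9, 2016, trustedCertEntry,
Certificate fingerprint (SHA-256): BB:44:55:66
EOF
cat > "$work/host2.txt" <<'EOF'
Keystore type: JKS
Your keystore contains 3 entries

internal-ca, Jul 1, 2019, trustedCertEntry,
Certificate fingerprint (SHA-256): CC:77:88:99
b-root, Feb 2, 2017, trustedCertEntry,
Certificate fingerprint (SHA-256): BB:44:55:66
rootca-a, Jan 5, 2015, trustedCertEntry,
Certificate fingerprint (SHA-256): AA:11:22:33
EOF

echo "Only on host1:"; only_in "$work/host1.txt" "$work/host2.txt"
echo "Only on host2:"; only_in "$work/host2.txt" "$work/host1.txt"
```

With real keystores, save each host's unsorted `keytool -list -keystore cacerts` output to a file and pass the two files to `only_in` in both directions.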