Java Key Store: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| Line 2: | Line 2: | ||
keytool -genkey -keyalg RSA -keysize 2048 -validity 7300\ | keytool -genkey -keyalg RSA -keysize 2048 -validity 7300\ | ||
-dname "CN=Chorke Academia, OU=Academia, O=Chorke Inc, L=Kuala Lumpur, ST=WP, C=MY"\ | -dname "CN=Chorke Academia, OU=Academia, O=Chorke Inc, L=Kuala Lumpur, ST=WP, C=MY"\ | ||
-keystore clients.jks -alias | -keystore clients.jks -alias academia\ | ||
-storepass storepasswd\ | -storepass storepasswd\ | ||
-keypass storepasswd | -keypass storepasswd | ||
</source> | </source> | ||
== | ==Create== | ||
<source lang="bash"> | <source lang="bash"> | ||
keytool -genkey -keyalg RSA -keysize 2048 -validity 7300\ | |||
-dname "CN=Chorke Academia, OU=Academia, O=Chorke Inc, L=Kuala Lumpur, ST=WP, C=MY"\ | |||
-keystore clients.jks -alias academia\ | |||
-storepass storepasswd | |||
</source> | |||
==Import== | |||
keytool - | <source lang="bash"> | ||
keytool -importkeystore -deststoretype pkcs12\ | |||
-srckeystore clients.jks\ | |||
-destkeystore servers.jks\ | |||
-srcstorepass storepasswd\ | |||
-deststorepass storepasswd\ | |||
-srcalias academia\ | |||
-destalias academia | |||
</source> | |||
===Root CA Cert=== | |||
keytool - | <source lang="bash"> | ||
- | keytool -importcert -trustcacerts\ | ||
-storepass storepasswd\ | |||
-keystore clients.jks\ | |||
-file rootca.cer | |||
-alias rootca\ | |||
</source> | </source> | ||
===Sub CA Cert=== | |||
<source lang="bash"> | <source lang="bash"> | ||
keytool -importcert -trustcacerts\ | |||
keytool - | -storepass storepasswd\ | ||
-keystore clients.jks\ | |||
-file subca.cer\ | |||
-alias subca | |||
</source> | |||
keytool - | ===Certificate=== | ||
- | <source lang="bash"> | ||
keytool -importcert\ | |||
-storepass storepasswd\ | |||
-keystore clients.jks\ | |||
-file software.crt\ | |||
-alias software | |||
</source> | </source> | ||
==Certificate List== | |||
<source lang="bash"> | <source lang="bash"> | ||
keytool - | keytool -list -keystore clients.jks -storepass storepasswd | ||
</source> | </source> | ||
==Knowledge== | |||
<source lang="bash"> | <source lang="bash"> | ||
# debugging certificate handshacking | # debugging certificate handshacking | ||
Revision as of 03:02, 3 March 2021
keytool -genkey -keyalg RSA -keysize 2048 -validity 7300\
-dname "CN=Chorke Academia, OU=Academia, O=Chorke Inc, L=Kuala Lumpur, ST=WP, C=MY"\
-keystore clients.jks -alias academia\
-storepass storepasswd\
-keypass storepasswd
Create
keytool -genkey -keyalg RSA -keysize 2048 -validity 7300\
-dname "CN=Chorke Academia, OU=Academia, O=Chorke Inc, L=Kuala Lumpur, ST=WP, C=MY"\
-keystore clients.jks -alias academia\
-storepass storepasswd
Import
keytool -importkeystore -deststoretype pkcs12\
-srckeystore clients.jks\
-destkeystore servers.jks\
-srcstorepass storepasswd\
-deststorepass storepasswd\
-srcalias academia\
-destalias academia
Root CA Cert
keytool -importcert -trustcacerts\
-storepass storepasswd\
-keystore clients.jks\
-file rootca.cer
-alias rootca\
Sub CA Cert
keytool -importcert -trustcacerts\
-storepass storepasswd\
-keystore clients.jks\
-file subca.cer\
-alias subca
Certificate
keytool -importcert\
-storepass storepasswd\
-keystore clients.jks\
-file software.crt\
-alias software
Certificate List
keytool -list -keystore clients.jks -storepass storepasswd
Knowledge
# debugging certificate handshacking
service='api.chorke.org:5443/soap/services';\
echo -e "GET / HTTP/1.0\r\n" | openssl s_client \
-connect $service -CAfile chorke_client.pem