Java Key Store: Difference between revisions
Jump to navigation
Jump to search
(→Export) |
|||
| Line 64: | Line 64: | ||
==Export== | ==Export== | ||
===Keytool=== | |||
<source lang="bash"> | <source lang="bash"> | ||
keytool -rfc -export\ | keytool -rfc -export\ | ||
| Line 78: | Line 79: | ||
-alias academia\ | -alias academia\ | ||
-file academia.pem | -file academia.pem | ||
</source> | |||
===OpenSSL=== | |||
'''Private Key:''' | |||
<source lang="bash"> | |||
openssl pkcs12 -nodes -nocerts\ | |||
-out private_key.pem\ | |||
-in clients.p12 | |||
</source> | |||
'''Public Key:''' | |||
<source lang="bash"> | |||
openssl pkcs12 -nokeys\ | |||
-out public_key.pem\ | |||
-in clients.p12 | |||
</source> | </source> | ||
Revision as of 04:17, 3 March 2021
keytool -genkey -keyalg RSA -keysize 2048 -validity 7300\
-dname "CN=Chorke Academia, OU=Academia, O=Chorke Inc, L=Kuala Lumpur, ST=WP, C=MY"\
-keystore clients.jks -alias academia\
-storepass storepasswd\
-keypass storepasswd
Create
keytool -genkey -keyalg RSA -keysize 2048 -validity 7300\
-dname "CN=Chorke Academia, OU=Academia, O=Chorke Inc, L=Kuala Lumpur, ST=WP, C=MY"\
-keystore clients.jks -alias academia\
-storepass storepasswd
Import
keytool -importkeystore -deststoretype pkcs12\
-srckeystore clients.jks\
-destkeystore servers.jks\
-srcstorepass storepasswd\
-deststorepass storepasswd\
-srcalias academia\
-destalias academia
keytool -importkeystore -deststoretype pkcs12\
-srckeystore clients.jks\
-destkeystore clients.p12\
-srcstorepass storepasswd\
-deststorepass storepasswd\
-srcalias academia\
-destalias academia
Root CA Cert
keytool -importcert -trustcacerts\
-storepass storepasswd\
-keystore clients.jks\
-file rootca.cer\
-alias rootca
Sub CA Cert
keytool -importcert -trustcacerts\
-storepass storepasswd\
-keystore clients.jks\
-file subca.cer\
-alias subca
Certificate
keytool -importcert\
-storepass storepasswd\
-keystore clients.jks\
-file software.crt\
-alias software
Export
Keytool
keytool -rfc -export\
-storepass storepasswd\
-keystore clients.jks\
-alias academia\
-file academia.pem
keytool -export\
-storepass storepasswd\
-keystore clients.jks\
-alias academia\
-file academia.pem
OpenSSL
Private Key:
openssl pkcs12 -nodes -nocerts\
-out private_key.pem\
-in clients.p12
Public Key:
openssl pkcs12 -nokeys\
-out public_key.pem\
-in clients.p12
Certificate List
keytool -list -keystore clients.jks -storepass storepasswd
keytool -list -keystore clients.p12 -storepass storepasswd
keytool -list -keystore servers.jks -storepass storepasswd
Knowledge
# debugging certificate handshacking
service='api.chorke.org:5443/soap/services';\
echo -e "GET / HTTP/1.0\r\n" | openssl s_client \
-connect $service -CAfile chorke_client.pem
openssl help openssl help pkcs12 keytool --help -importkeystore