Java Key Store: Difference between revisions
Jump to navigation
Jump to search
| Line 22: | Line 22: | ||
keytool -import -keystore $JAVA_HOME/jre/lib/security/cacerts \ | keytool -import -keystore $JAVA_HOME/jre/lib/security/cacerts \ | ||
-alias chorke -file chorke.crt | -alias chorke -file chorke.crt | ||
</syntaxhighlight> | |||
<syntaxhighlight lang="bash"> | |||
keytool -storepass storepasswd -importcert -keystore jks/chorke.jks \ | |||
-trustcacerts -alias ckirootca-file jks/ckirootca.cer | |||
keytool -storepass storepasswd -importcert -keystore jks/chorke.jks \ | |||
-trustcacerts -alias ckisubca-file jks/ckisubca.cer | |||
keytool -storepass storepasswd -importcert -keystore jks/chorke.jks \ | |||
-alias billsoft -file jks/chorke.crt | |||
</syntaxhighlight> | </syntaxhighlight> | ||
Revision as of 06:24, 5 March 2018
Manipulation
# show trusted root ca entries with empty/blank password
keytool -keystore "$JAVA_HOME/jre/lib/security/cacerts" -list
# show trusted certificate entries with store password
keytool -keystore "$HOME/.chorke/jks/chorke.jks" -list
# change proprietary jks format to pkcs12
keytool -importkeystore -srckeystore chorke_source.jks \
-destkeystore chorke_target.jks -deststoretype pkcs12
# import certificate with alias in java security
keytool -import -keystore $JAVA_HOME/jre/lib/security/cacerts \
-alias ckirootca -file ckirootca.cer
keytool -import -keystore $JAVA_HOME/jre/lib/security/cacerts \
-alias ckisubca -file ckisubca.cer
keytool -import -keystore $JAVA_HOME/jre/lib/security/cacerts \
-alias chorke -file chorke.crt
keytool -storepass storepasswd -importcert -keystore jks/chorke.jks \
-trustcacerts -alias ckirootca-file jks/ckirootca.cer
keytool -storepass storepasswd -importcert -keystore jks/chorke.jks \
-trustcacerts -alias ckisubca-file jks/ckisubca.cer
keytool -storepass storepasswd -importcert -keystore jks/chorke.jks \
-alias billsoft -file jks/chorke.crt
# debugging certificate handshacking
service='api.chorke.org:5443/soap/services';\
echo -e "GET / HTTP/1.0\r\n" | openssl s_client \
-connect $service -CAfile chorke_client.pem
References
- Difference between Root Cert, Intermediate Cert and SSL Cert
- Installing Trusted Certificates into a Java Keystore
- Use an Existing SSL Certificate and Private Key
- Convert a PKCS#12 File to JKS Format
- How to use .key and .crt file in java?
- Creating a New SSL Certificate
- How to convert .csr to .cer?
- Portecle