Java Key Store: Difference between revisions
Jump to navigation
Jump to search
m (Shahed moved page JKS to Java Key Store: Elaboration) |
|||
| Line 36: | Line 36: | ||
* [https://pubs.vmware.com/view-50/index.jsp?topic=%2Fcom.vmware.view.installation.doc%2FGUID-06A2FF09-777C-44F0-B240-497E771379F3.html Convert a PKCS#12 File to JKS Format] | * [https://pubs.vmware.com/view-50/index.jsp?topic=%2Fcom.vmware.view.installation.doc%2FGUID-06A2FF09-777C-44F0-B240-497E771379F3.html Convert a PKCS#12 File to JKS Format] | ||
* [https://pubs.vmware.com/view-50/index.jsp?topic=%2Fcom.vmware.view.installation.doc%2FGUID-EB22BA1B-4D19-47C1-B608-8E05A3C78EAC.html Creating a New SSL Certificate] | * [https://pubs.vmware.com/view-50/index.jsp?topic=%2Fcom.vmware.view.installation.doc%2FGUID-EB22BA1B-4D19-47C1-B608-8E05A3C78EAC.html Creating a New SSL Certificate] | ||
* [http://portecle.sourceforge.net/ Portecle] | |||
Revision as of 04:07, 27 February 2018
Manipulating Java Key Store
# show trusted root ca entries with empty/blank password
keytool -keystore "$JAVA_HOME/jre/lib/security/cacerts" -list
# show trusted certificate entries with store password
keytool -keystore "$HOME/.chorke/jks/chorke.jks" -list
# change proprietary jks format to pkcs12
keytool -importkeystore -srckeystore chorke_source.jks \
-destkeystore chorke_target.jks -deststoretype pkcs12
# import certificate with alias in java security
keytool -import -keystore $JAVA_HOME/jre/lib/security/cacerts \
-alias ckirootca -file ckirootca.cer
keytool -import -keystore $JAVA_HOME/jre/lib/security/cacerts \
-alias ckisubca -file ckisubca.cer
keytool -import -keystore $JAVA_HOME/jre/lib/security/cacerts \
-alias chorke -file chorke.crt
# debugging certificate handshacking
service='api.chorke.org:5443/soap/services';\
echo -e "GET / HTTP/1.0\r\n" | openssl s_client \
-connect $service -CAfile chorke_client.pem