Java Key Store: Difference between revisions

From Chorke Wiki
Jump to navigation Jump to search
Line 32: Line 32:


== References ==
== References ==
* [https://devcentral.f5.com/questions/difference-between-root-cert-intermediate-cert-and-ssl-cert Difference between Root Cert, Intermediate Cert and SSL Cert]
* [https://blogs.oracle.com/jtc/installing-trusted-certificates-into-a-java-keystore Installing Trusted Certificates into a Java Keystore]
* [https://blogs.oracle.com/jtc/installing-trusted-certificates-into-a-java-keystore Installing Trusted Certificates into a Java Keystore]
* [https://pubs.vmware.com/view-50/index.jsp#com.vmware.view.installation.doc/GUID-671E07A6-5B9A-43F4-BF47-2A59B95056EB.html Use an Existing SSL Certificate and Private Key]
* [https://pubs.vmware.com/view-50/index.jsp#com.vmware.view.installation.doc/GUID-671E07A6-5B9A-43F4-BF47-2A59B95056EB.html Use an Existing SSL Certificate and Private Key]

Revision as of 22:22, 4 March 2018

Manipulation

# show trusted root ca entries with empty/blank password
keytool -keystore "$JAVA_HOME/jre/lib/security/cacerts" -list

# show trusted certificate entries with store password
keytool -keystore "$HOME/.chorke/jks/chorke.jks" -list

# change proprietary jks format to pkcs12
keytool -importkeystore -srckeystore chorke_source.jks \
-destkeystore chorke_target.jks -deststoretype pkcs12
# import certificate with alias in java security
keytool -import -keystore $JAVA_HOME/jre/lib/security/cacerts \
-alias ckirootca -file ckirootca.cer

keytool -import -keystore $JAVA_HOME/jre/lib/security/cacerts \
-alias ckisubca -file ckisubca.cer

keytool -import -keystore $JAVA_HOME/jre/lib/security/cacerts \
-alias chorke -file chorke.crt
# debugging certificate handshacking
service='api.chorke.org:5443/soap/services';\
echo -e "GET / HTTP/1.0\r\n" | openssl s_client \
-connect $service -CAfile chorke_client.pem

References