Java Key Store

From Chorke Wiki

Revision as of 02:50, 3 March 2021 by Shahed (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to navigation Jump to search

keytool -genkey -keyalg RSA -keysize 2048 -validity 7300\
 -dname "CN=Chorke Academia, OU=Academia, O=Chorke Inc, L=Kuala Lumpur, ST=WP, C=MY"\
 -keystore clients.jks -alias xpresscover\
 -storepass storepasswd\
 -keypass storepasswd

Manipulation

# show trusted root ca entries with empty/blank password
keytool -keystore "$JAVA_HOME/jre/lib/security/cacerts" -list

# show trusted certificate entries with store password
keytool -keystore "$HOME/.chorke/jks/chorke.jks" -list

# change proprietary jks format to pkcs12
keytool -importkeystore -srckeystore chorke_source.jks \
-destkeystore chorke_target.jks -deststoretype pkcs12

# import certificate with alias in java security
keytool -import -keystore $JAVA_HOME/jre/lib/security/cacerts \
-alias ckirootca -file ckirootca.cer

keytool -import -keystore $JAVA_HOME/jre/lib/security/cacerts \
-alias ckisubca -file ckisubca.cer

keytool -import -keystore $JAVA_HOME/jre/lib/security/cacerts \
-alias chorke -file chorke.crt

keytool -storepass storepasswd -importcert -keystore jks/chorke.jks \
-trustcacerts -alias ckirootca-file jks/ckirootca.cer

keytool -storepass storepasswd -importcert -keystore jks/chorke.jks \
-trustcacerts -alias ckisubca-file jks/ckisubca.cer

keytool -storepass storepasswd -importcert -keystore jks/chorke.jks \
-alias chorke -file jks/chorke.crt

# debugging certificate handshacking
service='api.chorke.org:5443/soap/services';\
echo -e "GET / HTTP/1.0\r\n" | openssl s_client \
-connect $service -CAfile chorke_client.pem

References

Retrieved from "https://cdn.chorke.org/weke/index.php?title=Java_Key_Store&oldid=4837"

Pages using deprecated source tags