This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
Keytool
Keytool

Version management

Difference between version and

At line 1 added 64 lines
!!! Overview
[{$pagename}] is the certificate management tool for [Java].
Normally you would on perform this on [Server] or a [Client] that is required to present a [Certificate]
!! Creating a [CSR] [Example]
Though these [examples] show using the [Windows Client] [Operating System] the only difference is in the path names.
You need to specify your desired values for:
* Path values for all commands and locations.
* servername - The [Certificate Alias] of the [certificate] you are going to use.
* hostname.jks - The [Keystore] you are going to use.
* hostname.csr - The file name of the [CSR] you generate.
* mydomain.crt - The [Trust Anchor] ([Root Certificate]) Name
* mydomain - The [Trust Anchor] [Certificate Alias] for the [Trust Anchor]
* dname - replace the "CN=hostname,OU=IT, O=cisus.com LLP, L=Butler, ST=Ohio, C=US" with desired values
! Generate the [KeyStore|Trust Anchor Store]
If you do not already have a [Java KeyStore], you will need to create one:
{{{
%HOMEDRIVE%
cd %HOMEPATH%
"C:\Program Files\Java\jdk1.8.0_20\bin\keytool" -genkey -alias servername -keyalg RSA -keysize 2048 -keystore hostname.jks -dname "CN=hostname,OU=IT, O=cisus.com LLP, L=Butler, ST=Ohio, C=US"
}}}
! Generate the [CSR]
{{{
%HOMEDRIVE%
cd %HOMEPATH%
"C:\Program Files\Java\jdk1.8.0_20\bin\keytool" -certreq -alias servername -file hostname.csr -keystore hostname.jks
}}}
Your keystore file is %HOMEPATH%\hostname.jks.
Your [CSR] file is %HOMEPATH%\hostname.csr.
! Install the [TRUSTED CA|Trust Anchor]
{{{
%HOMEDRIVE%
cd %HOMEPATH%
"C:\Program Files\Java\jdk1.8.0_20\bin\keytool" -import -trustcacerts -alias mydomain -file mydomain.crt -keystore hostname.jks
}}}
! [Intermediate Certificates]
If there are [Intermediate Certificates], they also need to be installed into the:
{{{
"C:\Program Files\Java\jdk1.8.0_20\bin\keytool" -import -alias intermed -keystore hostname.jks -trustcacerts -file <name of the intermediate certificate>
}}}
! Import your hostname certificate
The CA and all Intermediate CAs must be installed before you import your Certificate.
{{{
"C:\Program Files\Java\jdk1.8.0_20\bin\keytool" -import -alias servername -file servername -keystore hostname.jks
}}}
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop