Difference between revisions of "Working with SSL"
From Opentaps Wiki
Jump to navigationJump to searchm |
|||
| Line 1: | Line 1: | ||
| + | === Generating a Self Signed JKS Key === | ||
| + | |||
| + | <pre> | ||
| + | $ keytool -genkey -alias opentaps -keyalg RSA -keystore framework/base/config/opentaps.jks | ||
| + | Enter keystore password: opentaps | ||
| + | What is your first and last name? | ||
| + | [Unknown]: localhost | ||
| + | What is the name of your organizational unit? | ||
| + | [Unknown]: Si Chen | ||
| + | What is the name of your organization? | ||
| + | [Unknown]: Open Source Strategies, Inc. | ||
| + | What is the name of your City or Locality? | ||
| + | [Unknown]: Los Angeles | ||
| + | What is the name of your State or Province? | ||
| + | [Unknown]: CA | ||
| + | What is the two-letter country code for this unit? | ||
| + | [Unknown]: US | ||
| + | Is CN=localhost, OU=Si Chen, O="Open Source Strategies, Inc.", L=Los Angeles, ST=CA, C=US correct? | ||
| + | [no]: yes | ||
| + | |||
| + | Enter key password for <opentaps> | ||
| + | (RETURN if same as keystore password): opentaps | ||
| + | </pre> | ||
| + | |||
=== Converting PEM to JKS Private Key === | === Converting PEM to JKS Private Key === | ||
* key.pem is the private SSL key | * key.pem is the private SSL key | ||
Revision as of 00:04, 24 April 2009
Generating a Self Signed JKS Key
$ keytool -genkey -alias opentaps -keyalg RSA -keystore framework/base/config/opentaps.jks
Enter keystore password: opentaps
What is your first and last name?
[Unknown]: localhost
What is the name of your organizational unit?
[Unknown]: Si Chen
What is the name of your organization?
[Unknown]: Open Source Strategies, Inc.
What is the name of your City or Locality?
[Unknown]: Los Angeles
What is the name of your State or Province?
[Unknown]: CA
What is the two-letter country code for this unit?
[Unknown]: US
Is CN=localhost, OU=Si Chen, O="Open Source Strategies, Inc.", L=Los Angeles, ST=CA, C=US correct?
[no]: yes
Enter key password for <opentaps>
(RETURN if same as keystore password): opentaps
Converting PEM to JKS Private Key
- key.pem is the private SSL key
- cert.pem is the certificate for the SSL key
$ openssl pkcs8 -topk8 -nocrypt -in key.pem -inform PEM -out key.der -outform DER $ openssl x509 -in cert.pem -inform PEM -out cert.der -outform DER $ javac ImportKey.java $ java ImportKey key.der cert.der Using keystore-file : /home/user/keystore.ImportKey One certificate, no chain. Key and certificate stored. Alias:importkey Password:importkey $ keytool -keystore keystore.ImportKey -storepass Enter keystore password: New keystore password: Re-enter new keystore password:
ImportKey.java can be obtained from agentbob.info
