How To Set Djavax Net Ssl Truststore
The keytool control in Coffee is a tool for managing certificates into keyStore and trustStore which is used to store certificates and requires during the SSL handshake process. By using thekeytool command you lot tin do many things but some of the almost common operations are viewing certificates stored in the keystore, importing new certificates into the keyStore, delete whatever document from the keystore, etc. For those who are not familiar keyStore, trustStore, and SSL Setup for Java application Hither is a cursory overview of What is a trustStore and keyStore in Java.
Both trustStore and keyStrore is used to store certificate signed by signer authorization or CA (Certificate authority), with keyStore additionally storing personal certificate for the customer which is used during customer authentication on SSL handshake procedure if information technology's enabled.
In this article we volition see some basic examples of keytool command in Coffee to observe how many certificates nosotros have in keyStore, viewing those certificates, adding new certificates, and deleting one-time certificates from keyStore or trustStore in Coffee.
How to apply keytool command in Coffee
Post-obit are some most common or often used instance of keytool command which comes when you installed JDK. but type keytool command in your control prompt and it volition show a lot of command-line options if your PATH is set up correctly for Java.
If Path is not set properly it will mutter that not able to discover the keytool command. Don't worry y'all just demand to add together the JAVA_HOME/bin directory in your path to become the keytool command working.
keytool control to find how many certificates are in keyStore:
This is the first example of the keytool command which will show y'all how many certificates are stored in trustStore or keyStore file :
exam@nykdev32:/cygdrive/c/Program Files/Java/jdk1.6.0_26/jre/lib/security keytool -list -keystore jssecacerts Enter keystore password: changeit Keystore blazon: JKS Keystore provider: SUN Your keystore contains 81 entries digicertassuredidrootca, 07/01/2008, trustedCertEntry, Document fingerprint (MD5): 87:CE:0 B:vii B:2 A:0 Eastward:49:00:E1:58:71:nine B:37:A8:93:72 trustcenterclass2caii, 07/01/2008, trustedCertEntry,
above keytool command shows that default keystore jssecacerts , which comes along with JRE and present in JAVA_HOME directory on path JAVA_HOME/JRE/lib/security , has 81 certificates in it and keyStore type is JKS which stands for Java Fundamental Shop. One of those certificates are from DigiCert
keytool command to view certificate details from keyStore :
Now if you lot desire to see details of certificates e.thousand. Common proper noun (CN) and other attributes you can use the post-obit keytool command to view details of certificates stored in keyStore in Java :
exam@nykdev32:/cygdrive/c/Program Files/Coffee/jdk1.6.0_26/jre/lib/security keytool -listing -v -keystore jssecacerts Enter keystore password: changeit Keystore type: JKS Keystore provider: Sunday Your keystore contains 81 entries Allonym name: digicertassuredidrootca Cosmos date: 07/01/2008 Entry type: trustedCertEntry Owner: CN=DigiCert Assured ID Root CA, OU=world wide web.digicert.com, O=DigiCert Inc, C=US Issuer: CN=DigiCert Assured ID Root CA, OU=www.digicert.com, O=DigiCert Inc, C=Usa Serial number: ce7e0e517d846fe8fe560fc1bf03039 Valid from: Thu November 09 20:00:00 VET 2006 until: Sun Nov 09 nineteen:30:00 VET 2031 Certificate fingerprints: MD5: 87:CE:0 B:7 B:2 A:0 E:49:00:E1:58:71:nine B:37:A8:93:72 SHA1: 05:63:B8:63:0 D:62:D7:5 A:BB:C8:AB:i E:4 B:DF:B5:A8:99:B2:4 D:43 Signature algorithm name: SHA1withRSA Version: 3
keytool command for adding a document in keystore and trustStore :
Now if you want to import whatever document into this keystore you tin use the following keytool command :
$ keytool -import -allonym adding_certificate_keystore -file self.cer -keystore jssecacerts
this volition print certificate details and prompt you to accept the certificate, one time y'all confirm that past typing Yes, the document will exist added into your keyStore. For verification purposes, you can re-run the previous keytool control to become a total number of certificates in the keystore. For example, if we run the following keytool control, it should print 82 certificates in keyStore :
examination@nykdev32:/cygdrive/c/Program Files/Java/jdk1.6.0_26/jre/lib/security keytool -list -keystore jssecacerts Enter keystore countersign: changeit Keystore type: JKS Keystore provider: SUN Your keystore contains 82 entries
Another useful keytool command option is -printcert which prints details of a certificate stored in the .cer file :
$ keytool -printcert -file examination.cer
That's all on some basic keytool command examples for viewing and adding certificates into keystore and trustStore in Coffee. I still adopt a GUI tool for creating keystore and managing certificates just keytool is a good alternative because information technology comes along with JDK installation and available in well-nigh places.
Coffee Tutorials from java67 web log
How To Set Djavax Net Ssl Truststore,
Source: https://www.java67.com/2012/09/keytool-command-examples-java-add-view-certificate-ssl.html
Posted by: lebelthenly.blogspot.com
0 Response to "How To Set Djavax Net Ssl Truststore"
Post a Comment