When urgently you need some keystores and truststores to test out some security related java code this is a useful bat file to have. Copy the code below and create a bat file. run it and you got your stuff.
keytool -genkey -alias serverkeys -keyalg RSA -keystore server.k
eystore -storepass 123456 -keypass 123456 -dname “CN=localhost, OU=MYOU, O=MYORG, L=MYCITY, ST=M
YSTATE, C=MY”
keytool -export -alias serverkeys -keystore server.keystore -stor
epass 123456 -file server.cer
keytool -genkey -alias clientkeys -keyalg RSA -keystore client.k
eystore -storepass 123456 -keypass 123456 -dname “CN=localhost, OU=MYOU, O=MYORG, L=MYCITY, S=MY
STATE, C=MY”
keytool -export -alias clientkeys -keystore client.keystore -stor
epass 123456 -file client.cer
keytool -import -v -keystore client.truststore -storepass 123456
-file server.cer
keytool -import -v -keystore server.truststore -storepass 123456
-file client.cer
It generates a keystore called server.keystore with password 123456. Then it creates server certificate server.cer.
Then it generates a keystore called client.keystore with password 123456. Creates a client certificate named client.cer
Next it imports server certificate into client truststore and client certificate into server truststore.
These are self signed certificates. Good for internal use. You can use open ssl
and create certificates. But this bat file is short and sweet for immediate use.
When you paste it you do have to be careful about keywords not getting split up like wordpress does.
Filed under: TLS | 1 Comment
Tags: certificates, java, keystore, keytool, security, TLS
One Response to “Quick and easy certificates for TLS”