Java keyTool

http://java.zacheusz.eu/tomcat-uwierzytelnianie-klienta-ssl-przy-pomocy-certyfikatu/54/

http://www.ccwp.wrotapodlasia.pl/files/inst_reguest.pdf

http://nl.globalsign.com/en/support/ssl+certificates/java/java+based+webserver/keytool+commands/

http://portecle.sourceforge.net/

Reklamy

JKS SSL

Generowanie JKS na podstawie CER

a) Creating Client Public and Private Key in Client keystore and Server Public and Private key in Server Keystore
keytool -genkey -alias clientX509v1 -keypass storepassword -storetype jks -storepass storepassword -validity 3650 -keyAlg RSA -keystore client-keystore.jks
keytool -genkey -alias serverX509v1 -keypass storepassword -storetype jks -storepass storepassword -validity 3650 -keyAlg RSA -keystore server-keystore.jks

b) Exporting clients public key to an external file and servers public key to an external file
keytool -export -alias clientX509v1 -file client-certfile.csr -keystore client-keystore.jks -storepass storepassword -keyAlg RSA
keytool -export -alias serverX509v1 -file server-certfile.csr -keystore server-keystore.jks -storepass storepassword -keyAlg RSA

c) Import the clients public certificate from the external file to server trust store and servers public certificate to the client trust store
keytool -import -noprompt -alias clientX509v1 -file client-certfile.csr -storepass storepassword -keystore server-truststore.jks -storetype JKS
keytool -import -noprompt -alias serverX509v1 -file server-certfile.csr -storepass storepassword -keystore client-truststore.jks -storetype JKS

Dodatkowo linki:

http://www.sslshopper.com/article-most-common-java-keytool-keystore-commands.html

http://shib.kuleuven.be/docs/ssl_commands.shtml

http://blogs.sun.com/swchan/entry/how_to_use_verisign_cert