Kohei Nozaki's blog 

Creating Java KeyStore from X.509 certificate

Posted on Friday Feb 06, 2015 at 10:00PM in Technology

Environment

  • Oracle JDK 8u20

  • OpenSSL 0.9.8zc 15 Oct 2014

  • A certificate bought from RapidSSL

Files

  • key.pem: Private key (Created with openssl command as I wrote in previous posting)

  • certificate.txt: Certificate which sent from the seller via email

  • intermediate_ca.txt: Intermediate CA which sent from the seller via email

Create CAFile

curl -O https://raw.githubusercontent.com/bagder/ca-bundle/master/ca-bundle.crt
cat intermediate_ca.txt ca-bundle.crt > allcacerts.crt

Create PKCS12 key store

openssl pkcs12 -export -chain -CAfile allcacerts.crt -in certificate.txt -inkey key.pem -out mykeystore.pkcs12 -name java

Create Java KeyStore

keytool -importkeystore -srckeystore mykeystore.pkcs12 -srcstoretype pkcs12 -srcalias java -destkeystore mykeystore.jks -deststoretype jks -destalias mykey

Show list of entries in key store

keytool -v -list -storetype jks -keystore mykeystore.jks

Now mykeystore.jks is usable for application built upon Java.

References

Comments [0]

Tags: ssl

No one has commented yet.

Leave a Comment

HTML Syntax: NOT allowed

Welcome

You're viewing a weblog entry titled Creating Java KeyStore from X.509 certificate. If you like this entry you might want to:

del.icio.us Bookmark it submit to dig digg.com Digg it

This is just one entry in the weblog Kohei Nozaki's blog. Why don't you visit the main page of the weblog?

Related entries