🔨
ch.k43.util
🔨
ch.k43.util
  • Java Utility Package (Freeware)
  • Examples
    • 📖Logging
    • 🔧Utility Class
    • ⚒️HTTP Client
    • 🖥️TCP Client
    • 🖥️TCP Server
    • 🗃️JDBC Database
    • ✉️SMTP Mailer
    • ⚔️Java Thread
    • 🗄️File Tools
    • ⌚Timer
  • Hints and Tips
    • 💡Tips / FAQ
    • 🪪TLS Certificates
  • Downloads
    • ⬇️Package ch.k43.util
    • ⬇️Jakarta/Angus Mail
    • ⬇️JDBC Database Drivers
    • ⬇️Sample Code
  • Documentation
    • JavaDoc Documentation
Powered by GitBook

🪪TLS Certificates

Java Stores

There are two keystore files used in Java:

  • Key Store: These files contain certificates to proof authentication with a private key. Certificates can be server certificates (e.g. www.acme.com), intermediate certificates or client certificates (e.g. john.doe@acme.com).

  • Trust Store: These files contain public certificates of trusted identities. Certificates are trusted root certificates (e.g. Verisign, Microsoft, etc.), intermediates certificates or trusted server and client certificates. A default file (usually named cacerts with the default password changeit) is shipped with the JVM.

Create Self Signed Certificate

openssl req -x509 -newkey rsa:2048 -sha256 -keyout key.pem -out cert.pem -days 365 -nodes

Convert PEM certificate to P12

openssl pkcs12 -export -in certificate.pem -out certificate.p12

Create JKS file from P12 certificate

keytool -importkeystore -srckeystore certificate.p12 -srcstoretype pkcs12 -destkeystore keyfile.jks

Add Client Certificate to JKS file

keytool -import -trustcacerts -file clientcert.pem -keypass clientCertPass -storepass keyfilePass -keystore keyfile.jks

Display Content of JKS file

keytool -list -v -keystore keyfile.jks

Simple TLS Server

openssl s_server -key key.pem -cert cert.pem -accept 443

TLS Connection Test

openssl s_client -connect hostname:443

Last updated 2 months ago

Page cover image