Category: General

  • Create a Self-signed cert
openssl genrsa -out key.pem 2048
openssl req -new -key key.pem -out csr.pem
openssl x509 -req -days 3650 -in csr.pem -signkey key.pem -out cert.pem
  • View cert details
openssl x509 -text -in cert.pem
  •  __PKCS12 and JKS__
  • Convert SSL certificate to pkcs12
openssl pkcs12 -export -in cert.somedomain.com.crt -inkey star.somedomain.com.key -out keystore.pkcs12
  • Convert to JKS
keytool -v -importkeystore -srckeystore keystore.pkcs12 -srcstoretype PKCS12 -destkeystore truststore.jks -deststoretype JKS
  • Add intermediate cert
keytool -import -trustcacerts -alias intermediate -file intermediate.pem -keystore keystore.jks
  •  __Java SSL__
  • Sign jar files with code signing SSL
cd /opt/tarantella/webserver/tomcat/5.0.28_axis1.2/webapps/sgd/tcc/java/
for i in `ls -1 backup|grep .jar` ;do echo $i; /opt/tarantella/bin/jdk.i3li_1.6.0_05/bin/jarsigner -keystore /tmp/code-signing.jks -signedjar $i backup/$i 1; done
  • Convert pem to pkcs12 and add a chain cert
openssl pkcs12 -export -in cert.pem -inkey key.pem -out certificate.pfx -certfile ../alpha_ssl_inter.crt

How useful was this post?

Click on a star to rate it!

Average rating / 5. Vote count: