Category: General
Create a Self-signed cert
openssl genrsa -out key.pem 2048 openssl req -new -key key.pem -out csr.pem openssl x509 -req -days 3650 -in csr.pem -signkey key.pem -out cert.pem
View cert details
openssl x509 -text -in cert.pem
PKCS12 and JKS
Convert SSL certificate to pkcs12
openssl pkcs12 -export -in cert.somedomain.com.crt -inkey star.somedomain.com.key -out keystore.pkcs12
Convert to JKS
keytool -v -importkeystore -srckeystore keystore.pkcs12 -srcstoretype PKCS12 -destkeystore truststore.jks -deststoretype JKS
Add intermediate cert
keytool -import -trustcacerts -alias intermediate -file intermediate.pem -keystore keystore.jks
Java SSL
Sign jar files with code signing SSL
cd /opt/tarantella/webserver/tomcat/5.0.28_axis1.2/webapps/sgd/tcc/java/ for i in `ls -1 backup|grep .jar` ;do echo $i; /opt/tarantella/bin/jdk.i3li_1.6.0_05/bin/jarsigner -keystore /tmp/code-signing.jks -signedjar $i backup/$i 1; done
Convert pem to pkcs12 and add a chain cert
openssl pkcs12 -export -in cert.pem -inkey key.pem -out certificate.pfx -certfile ../alpha_ssl_inter.crt
Thanks for sharing the code because these days SSL security is very important to protect hackers.