Category: General

Create a Self-signed cert

openssl genrsa -out key.pem 2048
openssl req -new -key key.pem -out csr.pem
openssl x509 -req -days 3650 -in csr.pem -signkey key.pem -out cert.pem

View cert details

openssl x509 -text -in cert.pem

PKCS12 and JKS

Convert SSL certificate to pkcs12

openssl pkcs12 -export -in cert.somedomain.com.crt -inkey star.somedomain.com.key -out keystore.pkcs12

Convert to JKS

keytool -v -importkeystore -srckeystore keystore.pkcs12 -srcstoretype PKCS12 -destkeystore truststore.jks -deststoretype JKS

Add intermediate cert

keytool -import -trustcacerts -alias intermediate -file intermediate.pem -keystore keystore.jks

Java SSL

Sign jar files with code signing SSL

cd /opt/tarantella/webserver/tomcat/5.0.28_axis1.2/webapps/sgd/tcc/java/
for i in `ls -1 backup|grep .jar` ;do echo $i; /opt/tarantella/bin/jdk.i3li_1.6.0_05/bin/jarsigner -keystore /tmp/code-signing.jks -signedjar $i backup/$i 1; done

Convert pem to pkcs12 and add a chain cert

openssl pkcs12 -export -in cert.pem -inkey key.pem -out certificate.pfx -certfile ../alpha_ssl_inter.crt
0 0 vote
Article Rating

How useful was this post?

Click on a star to rate it!

Average rating 0 / 5. Vote count: 0

No votes so far! Be the first to rate this post.