The Java Zone is brought to you in partnership with AppDynamics. Discover how AppDynamics steps in to upgrade your performance game and prevent your enterprise from these top 10 Java performance problems.
Through this I
am sharing the most simple scenario to follow in using Java keytool for
the requirements of Apache Wookie projects digital signature
implementation. Anyway if you are looking to know how to generate a key
pair or import a certificate to a Keystore using keytool, still this may
be helpful. Refer this segment of Java SE documentation to know in-depth details.
You needs a configuration of Java in your computer to use keytool and that is enough :).
Generating Key Pairs
Use following command in command prompt to generate a keypair with a self-signed certificate
keytool -genkey -alias wookie -keylag RSA -keystore wookieKeystore.jks -keysize 4096
After -alias give the alias to be used for keys
-keylag give the algorithm to be used in key generation
-keystore give the name of the keystore with type .jks (You can give a
path here to store the keystore in a desired place)
-keysize give the length for the generating key in bits
This will look something as follows:
That's all and you are having a key pair now. :)
In Aspects of
Wookie, now you can sign Widgets using this keystore. But in order to
get your widgets verified and deployed in Wookie server you needs to get
your public key trusted by server directly or via a third party.
Generating .cer File
To insert a
public key certificate into a trusted keystore it needs to be exported
as a .cer file. (There are several other options to use too.)
keytool -v -export -file keystore1.cer -keystore keystore1.jks -alias keystore1
Importing Public Key Certificates to a Trusted Keystore
To import a trusted certificate to a trusted keystore following command can be used.
keytool -import -alias keystore1 -file keystore1.cer -keystore wookieKeystore.jks
simply says to import the public key certificate of key having alias
'keystore1' which is in the file keystore1.cer to the keystore
signature generated using the private key of keystore1 aliased key pair,
can be properly validated using wookieKeystore.jks.
This post was by: Pushpalanka
The Java Zone is brought to you in partnership with AppDynamics. AppDynamics helps you gain the fundamentals behind application performance, and implement best practices so you can proactively analyze and act on performance problems as they arise, and more specifically with your Java applications. Start a Free Trial.
Published at DZone with permission of
Opinions expressed by DZone contributors are their own.