/ Java Zone
Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

Generating Key Pairs and Importing Public Key Certificates to a Trusted Keystore

DZone's Guide to

Generating Key Pairs and Importing Public Key Certificates to a Trusted Keystore

by
·
Aug. 20, 12 · Java Zone ·
Free Resource

Comment (1)

Save
Tweet
{{ articles[0].views | formatCount}} Views

"I love writing authentication and authorization code." ~ No Developer Ever. Try Okta Instead.

Through this I am sharing the most simple scenario to follow in using Java keytool for the requirements of Apache Wookie projects digital signature implementation. Anyway if you are looking to know how to generate a key pair or import a certificate to a Keystore using keytool, still this may be helpful. Refer this segment of Java SE documentation to know in-depth details.

You needs a configuration of Java in your computer to use keytool and that is enough :).

Generating Key Pairs

Use following command in command prompt to generate a keypair with a self-signed certificate

keytool -genkey -alias wookie -keylag RSA -keystore wookieKeystore.jks -keysize 4096

After  -alias give the alias to be used for keys

          -keylag give the algorithm to be used in key generation

         -keystore give the name of the keystore with type .jks (You can give a path here to store the keystore in a desired place)

         -keysize give the length for the generating key in bits

This will look something as follows:

That's all and you are having a key pair now. :) 

In Aspects of Wookie, now you can sign Widgets using this keystore. But in order to get your widgets verified and deployed in Wookie server you needs to get your public key trusted by server directly or via a third party.

Generating .cer File

To insert a public key certificate into a trusted keystore it needs to be exported as a .cer file. (There are several other options to use too.) 
keytool -v -export -file keystore1.cer -keystore keystore1.jks -alias keystore1
 

Importing Public Key Certificates to a Trusted Keystore

To import a trusted certificate to a trusted keystore following command can be used. 
keytool -import -alias keystore1 -file keystore1.cer -keystore wookieKeystore.jks
 
This command simply says to import the public key certificate of key having alias 'keystore1' which is in the file keystore1.cer to the keystore 'wookieKeystore.jks'.


Now any signature generated using the private key of keystore1 aliased key pair, can be properly validated using wookieKeystore.jks.
Cheers!

 This post was by: Pushpalanka

 

 

"I love writing authentication and authorization code." ~ No Developer Ever. Try Okta Instead.

Like This Article? Read More From DZone

A Bootiful Podcast: Oleg Zhurakousky
Going Graph: How and Why MariaDB's CTO Joined Neo4j [Interview]
Building on Ethereum (Part 1): Decisions

Free DZone Refcard

Java Containerization
DOWNLOAD
Topics:

Comment (1)

Save
Tweet
{{ articles[0].views | formatCount}} Views

Published at DZone with permission of

Opinions expressed by DZone contributors are their own.

Java Partner Resources

Streamline and Automate Your Local Development Flow
Migrating to Microservice Databases
Deep insight into your code with IntelliJ IDEA.
SQL Abstraction for NoSQL & Big Data
Modern Java EE Design Patterns: Building Scalable Architecture for Sustainable Enterprise Development
Secure a Spring Microservices Architecture with Spring Security and OAuth 2.0
Gateway to Data Driven Operation & Digital Transformation
Data APIs for Developers
The API for Software: Develop the Delivery You Want
Building Reactive Microservices in Java: Asynchronous and Event-Based Application Design
Roll your own user auth or integrate pre-built identity management? [Whitepaper]
Develop your own delivery on your laptop with Atomist SDM local.

Java Partner Resources

Streamline and Automate Your Local Development Flow
Migrating to Microservice Databases
Deep insight into your code with IntelliJ IDEA.
SQL Abstraction for NoSQL & Big Data

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.linkDescription }}

{{ parent.urlSource.name }}
by {{ parent.authors[0].realName || parent.author}}
· {{ parent.articleDate | date:'MMM. dd, yyyy' }} {{ parent.linkDate | date:'MMM. dd, yyyy' }}
· {{ parent.portal.name }} Zone