JBOSS certificate deployment
keytool -genkey alias mysite.com keyalg RSA -keystore key.store
create cretificate request
keytool -certreq -alias mysite.com -file certreq.csr -keystore key.store
You should receive 3+ certificates
root
intermidiate ( can be more than one )
certificate generated against your CSR
Import root CA
keytool -import -alias root -keystore key.store -trustcacerts -file /root/root.txt
Import intermediate CA
keytool -import -alias intermediate -keystore key.store -trustcacerts -file /root/intermediate.txt
Import signed CA
keytool -import -alias mysite.com -keystore key.store -trustcacerts -file /root/mysite.com.txt
Steps to generate pfx ( private key+ certificate) to send it backup to CA ( windows )
create keystore of PKCS12
keytool -genkey -alias pkc -keystore key.store.p12 -storetype pkcs12
truncate the pkcs keystore
keytool -delete -alias pkc -keystore key.store.p12 -storetype pkcs12
copy/import der keystore to pkcs keystore
keytool -importkeystore -srckeystore key.store -destkeystore key.store.p12 -srcstoretype jks -deststoretype pkcs12 -scrstorepass 123455 -deststorepass 2323233 -srcalias mysite.com -destalias mysite.com
export the pfx bundle
keytool -exportcert -keystore key.store.p12 -storetype pkcs12 -alias mysite.com -file mysite.pfx
Generate private key from the key store
syntax: java -jar exportprivatekey.zip[pkcs12 or jks]
example: java -jar exportprivatekey.zip /root/key.store jks hello mysite.com mysite.key
Bundle private and public key in pkcs12 format
openssl pkcs12 -export -out mm.e.pfx -inkey mysite.key -in my.txt
Create Private Certificate store
keytool -genkey alias mysite.com keyalg RSA -keystore key.store
create cretificate request
keytool -certreq -alias mysite.com -file certreq.csr -keystore key.store
You should receive 3+ certificates
root
intermidiate ( can be more than one )
certificate generated against your CSR
Import root CA
keytool -import -alias root -keystore key.store -trustcacerts -file /root/root.txt
Import intermediate CA
keytool -import -alias intermediate -keystore key.store -trustcacerts -file /root/intermediate.txt
Import signed CA
keytool -import -alias mysite.com -keystore key.store -trustcacerts -file /root/mysite.com.txt
Steps to generate pfx ( private key+ certificate) to send it backup to CA ( windows )
create keystore of PKCS12
keytool -genkey -alias pkc -keystore key.store.p12 -storetype pkcs12
truncate the pkcs keystore
keytool -delete -alias pkc -keystore key.store.p12 -storetype pkcs12
copy/import der keystore to pkcs keystore
keytool -importkeystore -srckeystore key.store -destkeystore key.store.p12 -srcstoretype jks -deststoretype pkcs12 -scrstorepass 123455 -deststorepass 2323233 -srcalias mysite.com -destalias mysite.com
export the pfx bundle
keytool -exportcert -keystore key.store.p12 -storetype pkcs12 -alias mysite.com -file mysite.pfx
Generate private key from the key store
syntax: java -jar exportprivatekey.zip
example: java -jar exportprivatekey.zip /root/key.store jks hello mysite.com mysite.key
Bundle private and public key in pkcs12 format
openssl pkcs12 -export -out mm.e.pfx -inkey mysite.key -in my.txt
No comments:
Post a Comment