Generate A Java Keystore And Key Pair
Generate A Java Keystore And Key Pair 4,3/5 963 reviews
  1. Generate A Java Keystore And Key Pair Free
  2. Generate A Java Keystore And Key Pair Key
  3. Generate A Java Keystore And Key Paired

Create a file for the encryption keystore and key pair. You must create a file that contains the encryption keystore and key pair details. Use the Java™ format (jceks). Although you can use any keytool to create the file, it must use the same format as a Java keystore. The encryption key must use one of the following encryption. Invoking keytool to generate a public-private key pair. Here is an example of invoking keytool to create a public-private key pair. (In the example below the parameters are written on multiple lines for the purpose of clarity. When you invoke keytool, you must type the program name and its parameters all on one line.). Run keytool to generate a new key pair in the default development keystore file, keystore.jks. This example uses the alias server-alias to generate a new public/private key pair and wrap the public key into a self-signed certificate inside keystore.jks. The key pair is generated by using an algorithm of type RSA, with a default password of changeit.

Creating a KeyStore in JKS Format

Generate A Java Keystore And Key Pair Free

This section explains how to create a KeyStore using theJKS format as the database format for both the private key, and theassociated certificate or certificate chain. By default, as specifiedin the java.security file, keytool usesJKS as the format of the key and certificate databases (KeyStore andTrustStores). A CA must sign the certificate signing request (CSR).The CA is therefore trusted by the server-side application to whichthe Adapter is connected.

Note –

Itis recommended to use the default KeyStore

Generate A Java Keystore And Key Pair Key


where <c:JavaCAPS> isthe directory where Java CAPS is installed and <MyDomain> isthe name of your domain.

To Generate a KeyStore

  1. Perform the following command.


  2. Once prompted, enter the information required to generatea CSR. A sample key generation section follows.


    If the KeyStore password is specified, then the password mustbe provided for the adapter.

  3. Press RETURN when prompted for the key password (thisaction makes the key password the same as the KeyStore password).

    This operation creates a KeyStore file clientkeystore in the current working directory. You must specify a fullyqualified domain for the “first and last name” question.The reason for this use is that some CAs such as VeriSign expect thisproperties to be a fully qualified domain name.

    Thereare CAs that do not require the fully qualified domain, but it isrecommended to use the fully qualified domain name for the sake ofportability. All the other information given must be valid. If theinformation cannot be validated, a CA such as VeriSign does not signa generated CSR for this entry.

    This KeyStore containsan entry with an alias of client.This entry consists of the generated private key and information neededfor generating a CSR as follows:


    This command generates a certificate signing request which canbe provided to a CA for a certificate request. The file client.csr contains the CSR in PEM format.

    Some CA (one trusted by the web server to which the adapteris connecting) must sign the CSR. The CA generates a certificate forthe corresponding CSR and signs the certificate with its private key.For more information, visit the following web sites:

    or

    If the certificate is chained with the CA’scertificate, perform step 4; otherwise, perform step 5 in the followinglist:

  4. Perform the following command.


    The command imports the certificate and assumes the client certificateis in the file client.cer and theCA’s certificate is in the file CARoot.cer.

  5. Perform the following command to import the CA’scertificate into the KeyStore for chaining with the client’scertificate.


  6. Perform the following command to import the client’scertificate signed by the CA whose certificate was imported in thepreceding step.


    The generated file clientkeystore containsthe client’s private key and the associated certificate chainused for client authentication and signing. The KeyStore and/or clientkeystore, can then be used as the adapter’sKeyStore.

Before you use the P6 EPPM Web Services encryption and digital signatures features you need to generate a public/private key pair.

To generate a Java keystore and public/private key pair

First, make sure that you are using the supported JDK version for this release. Refer to the Tested Configurations document for supported version information. Next, ensure that the bin folder of the JDK is set to your system path. Then perform the following steps:

  1. On the Web Server where P6 EPPM Web Services is deployed, open a command prompt and execute the keytool command using the following as an example:

    keytool -validity 3600 -genkey -keyalg RSA -alias mykeys -keystore keystore.jks

    If necessary, modify the preceding command for your environment.

  2. Enter the appropriate information as prompted by the system prompts. For example:

    Key generator program free download. keystore password: demo123

    first and last name: demo user

    organizational unit: demo org

    organization: demo

    city: demo city

    state: demo state

    country code: us

    Type yes when prompted if the information is correct.
    Press enter when prompted to enter a key password (do not enter anything)

    Notes:

    • The proceeding responses are for example purposes only. Substitute the appropriate responses for your environment.
    • After performing the steps above your keystore will be generated in the location specified in step 1. The keystore contains the private key that will be used by P6 EPPM Web Services and the public key that will be used by the client. The P6 EPPM Web Services demo application is an example of a client that can be set up to use a public key.
    • Typically you will need to export the certificate containing the public key from the keystore and import that public key into a keystore accessible by the client. For the sake of clarity, this procedure documents how to use the same keystore for both the client and P6 EPPM Web Services.
  3. Copy the keystore to a location that is accessible by P6 EPPM Web Services and the P6 EPPM Web Services client application. The P6 EPPM Web Services Demo program is a client application. If P6 EPPM Web Services is on a different machine than P6 Professional, copy the keystore to both machines.

Related Topics

KeystoreGenerate A Java Keystore And Key Pair

Generate A Java Keystore And Key Paired


Legal Notices
Copyright © 2008, 2018, Oracle and/or its affiliates. All rights reserved.