Generate a private-public key pair using keytool. Protect your existing private rsa key with a passphrase. Save/Load Private and Public Key to/from a file / Published in: Java. Save to your folder(s) Save/Load. Store/Retrieve Private Key/Public Key to/from disk/file:D. Expand Embed Plain Text.
{{#eclipseproject:technology.higgins}}1. To generate a keystore, you need a JDK installed with its /bin directory in your path
2. Create a keystore using this command:
keytool will ask you to enter the values for Common Name (CN), Organizational Unit (OU), Oranization(O), Locality (L), State (S) and Country (C). CN should match the domain name of your webapp if you are planning to use this keystore for your servlet container
You can verify keystore contents using this command:
3. Generate the Certificate Signing Request (CSR) using this command:
Submit contents of csr-for-myserver.pem file to your CA for signing
You can get a trial certificate from Thawte at https://www.thawte.com/cgi/server/try.exe
4. Save the signed certificate from CA to a file signed-cert.pem
You can see the contents of the signed certificate using this command:
5. Download Root certificate from CA. You can download Thawte Test Root Certificate from http://www.thawte.com/roots/.
6. Import Root Certificate to keystore using this command:
where root-cert.pem is the Root Certificate from CA
7. Verify contents of keystore using this command:
8. Import CA signed certificate to keystore
9. Verify contents of keystore using this command:
The most important thing you want to see is that, under the private key alias, additional information is being displayed. You're looking for this:
Assume you have an existing .key and .crt from your Apache configuration.
You do this:
1. You convert the private key into PKCS#8 format:
2. Since the stupid Java keytool doesn't allow you to import private keys, you download this tool:
3. Now you can import the key into the Java Keystore:
4. Now you have the Java Keystore:
5. Delete the tmpfile:
importjava.security.KeyPairGenerator; |
importjava.security.KeyPair; |
importjava.security.PrivateKey; |
importjava.security.PublicKey; |
importjava.security.KeyFactory; |
importjava.security.spec.EncodedKeySpec; |
importjava.security.spec.PKCS8EncodedKeySpec; |
importjava.security.spec.X509EncodedKeySpec; |
importjava.security.spec.InvalidKeySpecException; |
importjava.security.NoSuchAlgorithmException; |
importcom.sun.jersey.core.util.Base64; |
publicclassGeneratePublicPrivateKeys { |
privatestaticvoidgenerateKeys(StringkeyAlgorithm, intnumBits) { |
try { |
// Get the public/private key pair |
KeyPairGenerator keyGen =KeyPairGenerator.getInstance(keyAlgorithm); |
keyGen.initialize(numBits); |
KeyPair keyPair = keyGen.genKeyPair(); |
PrivateKey privateKey = keyPair.getPrivate(); |
PublicKey publicKey = keyPair.getPublic(); |
System.out.println('n'+'Generating key/value pair using '+ privateKey.getAlgorithm() +' algorithm'); |
// Get the bytes of the public and private keys |
byte[] privateKeyBytes = privateKey.getEncoded(); |
byte[] publicKeyBytes = publicKey.getEncoded(); |
// Get the formats of the encoded bytes |
String formatPrivate = privateKey.getFormat(); // PKCS#8 |
String formatPublic = publicKey.getFormat(); // X.509 |
System.out.println('Private Key : '+Base64.encode(String.valueOf(privateKeyBytes))); |
System.out.println('Public Key : '+Base64.encode(String.valueOf(publicKeyBytes))); |
// The bytes can be converted back to public and private key objects |
KeyFactory keyFactory =KeyFactory.getInstance(keyAlgorithm); |
EncodedKeySpec privateKeySpec =newPKCS8EncodedKeySpec(privateKeyBytes); |
PrivateKey privateKey2 = keyFactory.generatePrivate(privateKeySpec); |
EncodedKeySpec publicKeySpec =newX509EncodedKeySpec(publicKeyBytes); |
PublicKey publicKey2 = keyFactory.generatePublic(publicKeySpec); |
// The original and new keys are the same |
System.out.println(' Are both private keys equal? '+ privateKey.equals(privateKey2)); |
System.out.println(' Are both public keys equal? '+ publicKey.equals(publicKey2)); |
} catch (InvalidKeySpecException specException) { |
System.out.println('Exception'); |
System.out.println('Invalid Key Spec Exception'); |
} catch (NoSuchAlgorithmException e) { |
System.out.println('Exception'); |
System.out.println('No such algorithm: '+ keyAlgorithm); |
} |
} |
publicstaticvoidmain(String[] args) { |
// Generate a 1024-bit Digital Signature Algorithm (DSA) key pair |
generateKeys('DSA', 1024); |
// Generate a 576-bit DH key pair |
generateKeys('DH', 576); |
// Generate a 1024-bit RSA key pair |
generateKeys('RSA', 1024); |
} |
} |
Hi You post is interestnig , is there away I can create a privatre key instance via a signature given stiring? Crypto key generate rsa command cisco switch. Oct 02, 2015 SSH Config and crypto key generate RSA command. Use this command to generate RSA key pairs for your Cisco device (such as a router). Keys are generated in pairs–one public RSA key and one private RSA key. If your router already has RSA keys when you issue this command, you will be warned and prompted to replace the existing keys with new keys. Jan 14, 2018 Use this command to generate RSA key pairs for your Cisco device (such as a router). RSA keys are generated in pairs-one public RSA key and one private RSA key. If your router already has RSA keys when you issue this command, you will be warned and prompted to replace the existing keys with new keys. Crypto key generate rsa. cryptokeygeneratersa,page2 Cisco IOS Security Command Reference: Commands A to C, Cisco IOS XE Release 3SE (Catalyst 3850 Switches). Solved: I have switch 3548-XL with version 12.0(5.3)WC. When attempting to run crypto key genearte rsa, it doesn't work. IP200#conf t Enter configuration commands, one per line. End with CNTL/Z. IP200(config)#hostname IP200 IP200(config)#ip. How I create RSA key and enable SSH access in Cisco VG202, in a Cisco router I use the next commands(but in a VG not exists): conf t crypto key generate rsa modulus 1024 ip domain-name domain-name ip ssh version 2 ip ssh time-out 120 ip ssh authentication-retries 3 line vty 0 4 transport input telne. I have pub/private keys generated already KeyPairGenerator keyPairGenerator is going to createa key pair, but in my case I alrady have it and then further want to use them for signign. e.g //ecdsaSign.initSign(keyPair.getPrivate()); Within the 20 minutes after I placed the order, the email with the genuine product key was sent to me. Windows home server 2011 product key generator. Surprise happened! |