- #Java keystore explorer create new key store how to
- #Java keystore explorer create new key store code
tDefaultSSLSocketFactory( sclx. ("Warning: URL host '" + urlHostName + "' is different to SSLSession host '" + session.getPeerHost() + "'.") If (!urlHostName.equalsIgnoreCase(session.getPeerHost())) Public boolean verify(String urlHostName, SSLSession session) HostnameVerifier hv = new HostnameVerifier() if no exceptions are thrown in the startHandshake method, then everything is fine.įinally register your certificates with HttpsURLConnection if plan to use it: char passw = "password".toCharArray() SSLSocketFactory factory = sclx.getSocketFactory()
Sclx.init( kmf.getKeyManagers(), tm, null) SSLContext sclx = SSLContext.getInstance("TLS") TrustManager tm = tmf.getTrustManagers() TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()) KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509") Ks.load(new FileInputStream ( "mykeystore" ), passw ) KeyStore ks = KeyStore.getInstance("JKS", "SUN") ( You may want to enable debugging as an VM option: =all ) char passw = "password".toCharArray() (optional) Test your certificates and private key from your new key store against your SSL server: (optional) Verify the content of your new key store: $ keytool -list -keystore mykeystore -storepass passwordĬn=.,ou=.,o=., Sep 2, 2014, trustedCertEntry,Ĭertificate fingerprint (SHA1): 2C:B8. Ks.store(new FileOutputStream ( "mykeystore" ),keypass.toCharArray()) Ks.setKeyEntry(defaultalias, ff, keypass.toCharArray(), chain ) String alias2 = ((X509Certificate) crt2).getSubjectX500Principal().getName() String alias1 = ((X509Certificate) crt1).getSubjectX500Principal().getName()
#Java keystore explorer create new key store how to
I have been following this stackoverflow answer How to create a certificate chain using keytool but i see that in.
Now, how in the world do I include the other two intermediate certificates using keystore explorer. Public static SSLServerSocketFactory createSSLFactory(File privateKeyPem, File certificatePem, String password) throws Exception Keystore Explorer says that the public keys matched in both my keystore public key and their issued Free Trial SSL certificate.
#Java keystore explorer create new key store code
If you need an easy way to load PEM files in Java without having to deal with external tools (opensll, keytool), here is my code I use in production : import java.io.BufferedReader