To Use keytool to Create a ServerCertificate
Run keytool to generate a new key pair in the defaultdevelopment keystore file, keystore.jks. This exampleuses the alias server-alias to generate a new public/privatekey pair and wrap the public key into a self-signed certificate inside keystore.jks. The key pair is generated by using an algorithm oftype RSA, with a default password of changeit. For moreinformation and other examples of creating and managing keystore files, readthe keytool online help at http://download.oracle.com/javase/6/docs/technotes/tools/solaris/keytool.html.
The first step in configuring a VT Display session for SSH client authentication using a public key is to use the keytool program to generate a public-private key pair. About keytool keytool is a multipurpose utility program, included in the Java 2 Version 1.4 JRE and distributed with Host On-Demand, for managing keys and certificates.
Note – RSA is public-key encryption technology developed by RSA DataSecurity, Inc.
Java Keytool Importkeystore
From the directory in which you want to create the key pair, run keytool as shown in the following steps.
- Generate the server certificate.Type the keytool command all on one line:When you press Enter, keytool prompts you to enterthe server name, organizational unit, organization, locality, state, and countrycode.You must type the server name in response to keytool’sfirst prompt, in which it asks for first and last names. For testing purposes,this can be localhost.When you run the example applications, the host (server name) specifiedin the keystore must match the host identified in the javaee.server.name property specified in the file tut-install/examples/bp-project/build.properties.
- Export the generated server certificate in keystore.jks intothe file server.cer.Type the keytool commandall on one line:
- If you want to have the certificate signed by a CA, read the exampleat http://download.oracle.com/javase/6/docs/technotes/tools/solaris/keytool.html.
- To add the server certificate to the truststore file, cacerts.jks, run keytool from the directory where you createdthe keystore and server certificate.Use the following parameters:Information on the certificate, such as that shown next, will appear:
- Type yes, then press the Enter or Return key.The following information appears:
Certificate Signing Request (CSR) Help
Using Java Keytool
For Oracle Weblogic
There is a video for this solution.
Complete the following steps to create your CSR.
1. Before you can create your CSR, you need to create your Java keystore. Your Java keystore contains your private key.
Run the following command to create your 2048 bit Java keystore:
keytool -genkey -alias myalias -keyalg RSA –keysize 2048 -keystore c:yoursite.keystore
2. Note the alias you use here to create the keystore. You will need to use the same alias later when you install your certificate.
Please note: the below example applies to Entrust Certificate Services customers with the intended purpose of using an SSL/TLS certificate purchased from Entrust Datacard.
3. You will be prompted to enter your DN information for your CSR. When it asks for your first and last name, make sure you enter the FQDN of your site. Here is an example:
What is your first and last name?
[Unknown]: http://www.entrust.com/
What is the name of your organizational unit?
[Unknown]: IT
What is the name of your organization?
[Unknown]: Entrust Inc
What is the name of your City or Locality?
[Unknown]: Ottawa
What is the name of your State or Province?
[Unknown]: Ontario
What is the two-letter country code for this unit?
[Unknown]: CA
Is CN=www.entrust.com, OU=IT, O=Entrust Inc, L=Ottawa, ST=Ontario, C=CA correct?
[no]: yes
4. To create your CSR, run the following command:
keytool -certreq -keyalg RSA -alias myalias -file certreq.txt -keystore c:yoursite.mykeystore
5. To find your CSR, enter the command:
type certreq.txt
Your SSL/TLS Certificate should now be installed. If you have any questions or concerns please contact the Entrust Certificate Services Support department for further assistance.
Hours of Operation:
Sunday 8:00 PM ET to Friday 8:00 PM ET
North America (toll free): 1-866-267-9297
Outside North America: 1-613-270-2680 (or see the list below)
NOTE: It is very important that international callers dial the UITF format exactly as indicated. Do not dial an extra '1' before the '800' or your call will not be accepted as an UITF toll free call.
4. To create your CSR, run the following command:
keytool -certreq -keyalg RSA -alias myalias -file certreq.txt -keystore c:yoursite.mykeystore
5. To find your CSR, enter the command:
type certreq.txt
Your SSL/TLS Certificate should now be installed. If you have any questions or concerns please contact the Entrust Certificate Services Support department for further assistance.
Hours of Operation:
Sunday 8:00 PM ET to Friday 8:00 PM ET
North America (toll free): 1-866-267-9297
Outside North America: 1-613-270-2680 (or see the list below)
NOTE: It is very important that international callers dial the UITF format exactly as indicated. Do not dial an extra '1' before the '800' or your call will not be accepted as an UITF toll free call.
Java Keytool Commands
Java Keytool Generate Rsa Key Pair Test
Country | Number |
Australia | 0011 - 800-3687-7863 1-800-767-513 |
Austria | 00 - 800-3687-7863 |
Belgium | 00 - 800-3687-7863 |
Denmark | 00 - 800-3687-7863 |
Finland | 990 - 800-3687-7863 (Telecom Finland) 00 - 800-3687-7863 (Finnet) |
France | 00 - 800-3687-7863 |
Germany | 00 - 800-3687-7863 |
Hong Kong | 001 - 800-3687-7863 (Voice) 002 - 800-3687-7863 (Fax) |
Ireland | 00 - 800-3687-7863 |
Israel | 014 - 800-3687-7863 |
Italy | 00 - 800-3687-7863 |
Japan | 001 - 800-3687-7863 (KDD) 004 - 800-3687-7863 (ITJ) 0061 - 800-3687-7863 (IDC) |
Korea | 001 - 800-3687-7863 (Korea Telecom) 002 - 800-3687-7863 (Dacom) |
Malaysia | 00 - 800-3687-7863 |
Netherlands | 00 - 800-3687-7863 |
New Zealand | 00 - 800-3687-7863 0800-4413101 |
Norway | 00 - 800-3687-7863 |
Singapore | 001 - 800-3687-7863 |
Spain | 00 - 800-3687-7863 |
Sweden | 00 - 800-3687-7863 (Telia) 00 - 800-3687-7863 (Tele2) |
Switzerland | 00 - 800-3687-7863 |
Taiwan | 00 - 800-3687-7863 |
United Kingdom | 00 - 800-3687-7863 0800 121 6078 +44 (0) 118 953 3088 |