锘??xml version="1.0" encoding="utf-8" standalone="yes"?>亚洲国产综合AV在线观看,亚洲AV成人一区二区三区在线看,亚洲人成人网站在线观看http://www.tkk7.com/dashi99/category/51985.html<div align="center"> <img height="50" width="200" name="welcome" src="http://www.tkk7.com/images/blogjava_net/majianan/14891/r_5858488902000cu2.gif"/> </div> <br/> <center><font size=4 >楸肩涓嶅紑姘?浣嗘槸娌℃湁璇翠笉紱誨紑鍝淮姘?</font></center>zh-cnTue, 26 Jun 2012 12:20:50 GMTTue, 26 Jun 2012 12:20:50 GMT60How to Create Client/Server Keystores using Java Keytoolhttp://www.tkk7.com/dashi99/archive/2012/06/26/381538.html銈炴矇榛樻槸閲戙倿銈炴矇榛樻槸閲戙倿Tue, 26 Jun 2012 11:15:00 GMThttp://www.tkk7.com/dashi99/archive/2012/06/26/381538.htmlhttp://www.tkk7.com/dashi99/comments/381538.htmlhttp://www.tkk7.com/dashi99/archive/2012/06/26/381538.html#Feedback0http://www.tkk7.com/dashi99/comments/commentRss/381538.htmlhttp://www.tkk7.com/dashi99/services/trackbacks/381538.html

Here I have described how to create client/server keystores which can be used to secure Axsi2 webservices and invoke Axis2 secured webservices. i.e. It can be easily used with any WSO2 Product to experience security scenarios.More detailed explanation on creating client/server keystores using openssl including Certificate Authority(CA) Requests, can be found at http://wso2.org/library/174.

 

Java keytool stores the keys and certificates in a keystore, protected by a keystore password. Further, it protects private key again with another password. A Java keystore contains private-public key pair and multiple trusted certificate entries. All entries in a keystore are referred by aliases. Both private key and self signed public key is referred by one alias while any other trusted certificates are referred by different individual aliases.

 

As the first step, let's create a keystore for server. In order to do it, execute following command in a terminal. "server" in the following command corresponds to the private key/self signed public key certificate alias in the keystore while "server.jks" is the name of the creating keystore file.

keytool -genkey -alias server -keyalg RSA -keystore server.jks

when you execute the above command it will first prompt you to specify a password which is corresponded to the keystore password. Then it will prompt several questions. You can give answers that you wish. At the end it will ask for a password again, which will be used to secure the generated private key.

Enter keystore password: 
Re-enter new password:
What is your first and last name?
[Unknown]: Ruchira Wageesha
What is the name of your organizational unit?
[Unknown]: Mashup Server
What is the name of your organization?
[Unknown]: WSO2
What is the name of your City or Locality?
[Unknown]: Ahangama
What is the name of your State or Province?
[Unknown]: Southern
What is the two-letter country code for this unit?
[Unknown]: LK
Is CN=Ruchira Wageesha, OU=Mashup Server, O=WSO2, L=Ahangama, ST=Southern, C=LK correct?
[no]: yes
Enter key password for
(RETURN if same as keystore password):

Once you successfully completed this, java keytool will create a file named "server.jks". In the same way, you can create a client keystore named "client.jks" with the alias "client" using following command.

keytool -genkey -alias client -keyalg RSA -keystore client.jks

Now, you have two files named client.jks and server.jks. You can view the content of these keystore files using the following command. Replacess "ruchira" with the keystore password you entered while creating the keystore.

keytool -list -v -keystore server.jks -storepass ruchira

This will list something like this.

Keystore type: JKS
Keystore provider: SUN

Your keystore contains 1 entry

Alias name: server
Creation date: Jul 8, 2010
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=Ruchira Wageesha, OU=Mashup Server, O=WSO2, L=Ahangama, ST=Southern, C=LK
Issuer: CN=Ruchira Wageesha, OU=Mashup Server, O=WSO2, L=Ahangama, ST=Southern, C=LK
Serial number: 4c356225
Valid from: Thu Jul 08 10:59:09 IST 2010 until: Wed Oct 06 10:59:09 IST 2010
Certificate fingerprints:
MD5: 60:0B:48:0D:DB:56:8C:68:8C:2D:94:4A:D6:DA:04:B8
SHA1: A7:CE:57:10:70:87:C1:2C:C0:9D:1D:90:8C:BB:69:B6:66:26:97:13
Signature algorithm name: SHA1withRSA
Version: 3

*******************************************
*******************************************

The next step is, getting server's self signed public key certificate and storing it in client's keystore. And getting and storing client's self signed public key certificate in server's keystore. In order to do that, first we need to export both server and client public key certificates into files. Using the following command, you can export server's public key certificate into server.cert file and client's public key certificate into client.cert file.

keytool -export -file server.cert -keystore server.jks -storepass ruchira -alias server
keytool -export -file client.cert -keystore client.jks -storepass ruchira -alias client

Now you have server.cert and client.cert. You can use following commands to view certificate contents.

keytool -printcert -v -file server.cert
keytool -printcert -v -file client.cert

As the last step, we need to import server.cert into client keystore and client.cert into server keystore. As I mentioned earlier, each entry of a Java Keystore is stored against an alias. So, we need to specify aliases here, which will be used to refer the certificates that we are going to store.

keytool -import -file client.cert -keystore server.jks -storepass ruchira -alias client

Above command will store client's self signed public key certificate(client.cert) in server.jks against the alias "client". So, using "client" alias on server.jks, we can refer client's certificate anytime. Likewise, following command will store server.cert within client.jks against the alias "server".

keytool -import -file server.cert -keystore client.jks -storepass ruchira -alias server

After all, please view the content of both keystore again using following commands.

keytool -list -v -keystore server.jks -storepass ruchira
keytool -list -v -keystore client.jks -storepass ruchira

It will give you something like bellow for server.jks

Keystore type: JKS
Keystore provider: SUN

Your keystore contains 2 entries

Alias name: server
Creation date: Jul 8, 2010
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=Ruchira Wageesha, OU=Mashup Server, O=WSO2, L=Ahangama, ST=Southern, C=LK
Issuer: CN=Ruchira Wageesha, OU=Mashup Server, O=WSO2, L=Ahangama, ST=Southern, C=LK
Serial number: 4c3562a0
Valid from: Thu Jul 08 11:01:12 IST 2010 until: Wed Oct 06 11:01:12 IST 2010
Certificate fingerprints:
MD5: AB:77:72:F1:0D:09:55:E3:B6:D3:DC:A6:4D:D4:39:36
SHA1: D7:C1:60:5C:7E:34:40:A9:0B:E4:2C:65:6C:E0:79:7C:EE:37:A7:19
Signature algorithm name: SHA1withRSA
Version: 3

*******************************************
*******************************************

Alias name: client
Creation date: Jul 8, 2010
Entry type: trustedCertEntry

Owner: CN=Ruchira Wageesha, OU=Mashup Server, O=WSO2, L=Ahangama, ST=Southern, C=LK
Issuer: CN=Ruchira Wageesha, OU=Mashup Server, O=WSO2, L=Ahangama, ST=Southern, C=LK
Serial number: 4c356225
Valid from: Thu Jul 08 10:59:09 IST 2010 until: Wed Oct 06 10:59:09 IST 2010
Certificate fingerprints:
MD5: 60:0B:48:0D:DB:56:8C:68:8C:2D:94:4A:D6:DA:04:B8
SHA1: A7:CE:57:10:70:87:C1:2C:C0:9D:1D:90:8C:BB:69:B6:66:26:97:13
Signature algorithm name: SHA1withRSA
Version: 3

*******************************************
*******************************************

something like below for client.jks

Keystore type: JKS
Keystore provider: SUN

Your keystore contains 2 entries

Alias name: server
Creation date: Jul 8, 2010
Entry type: trustedCertEntry

Owner: CN=Ruchira Wageesha, OU=Mashup Server, O=WSO2, L=Ahangama, ST=Southern, C=LK
Issuer: CN=Ruchira Wageesha, OU=Mashup Server, O=WSO2, L=Ahangama, ST=Southern, C=LK
Serial number: 4c3562a0
Valid from: Thu Jul 08 11:01:12 IST 2010 until: Wed Oct 06 11:01:12 IST 2010
Certificate fingerprints:
MD5: AB:77:72:F1:0D:09:55:E3:B6:D3:DC:A6:4D:D4:39:36
SHA1: D7:C1:60:5C:7E:34:40:A9:0B:E4:2C:65:6C:E0:79:7C:EE:37:A7:19
Signature algorithm name: SHA1withRSA
Version: 3

*******************************************
*******************************************

Alias name: client
Creation date: Jul 8, 2010
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=Ruchira Wageesha, OU=Mashup Server, O=WSO2, L=Ahangama, ST=Southern, C=LK
Issuer: CN=Ruchira Wageesha, OU=Mashup Server, O=WSO2, L=Ahangama, ST=Southern, C=LK
Serial number: 4c356225
Valid from: Thu Jul 08 10:59:09 IST 2010 until: Wed Oct 06 10:59:09 IST 2010
Certificate fingerprints:
MD5: 60:0B:48:0D:DB:56:8C:68:8C:2D:94:4A:D6:DA:04:B8
SHA1: A7:CE:57:10:70:87:C1:2C:C0:9D:1D:90:8C:BB:69:B6:66:26:97:13
Signature algorithm name: SHA1withRSA
Version: 3

*******************************************
*******************************************

If everything went well, you might have successfully created server.jks and client.jks which can be used to secure Axis2 Services and access those secured services.



銈炴矇榛樻槸閲戙倿 2012-06-26 19:15 鍙戣〃璇勮
]]> 主站蜘蛛池模板: 色欲A∨无码蜜臀AV免费播| 成人嫩草影院免费观看| 特级精品毛片免费观看| 亚洲gv白嫩小受在线观看| aa级女人大片喷水视频免费 | 国产特级淫片免费看| 亚洲爆乳大丰满无码专区| 成年18网站免费视频网站| 亚洲va在线va天堂成人| 成人a免费α片在线视频网站| 亚洲色少妇熟女11p| 国产免费小视频在线观看| 美女扒开尿口给男人爽免费视频 | 国内精品99亚洲免费高清| 亚洲欧洲日产国码av系列天堂| 久久久WWW免费人成精品| 亚洲男人第一av网站| 久久精品免费一区二区| 亚洲性无码一区二区三区| 日本媚薬痉挛在线观看免费| 一级毛片a女人刺激视频免费| 亚洲午夜久久久久久久久电影网| 日本免费高清视频| 亚洲一卡2卡4卡5卡6卡在线99| 精品国产精品久久一区免费式| 曰批全过程免费视频观看免费软件| 亚洲另类激情综合偷自拍图| 亚洲视频免费在线播放| 亚洲欧洲av综合色无码| 亚洲精品线路一在线观看| 久久国产乱子伦精品免费不卡| 亚洲国产成人在线视频| 免费国产在线观看| 国产成人久久AV免费| 最新国产成人亚洲精品影院| 亚洲国产黄在线观看| 久久中文字幕免费视频| 亚洲av日韩综合一区二区三区| 亚洲一级特黄无码片| 老司机在线免费视频| 乱人伦中文视频在线观看免费|