Sometime back, i was working for a customer, wherein implementing ASSO for CLM. During that time, i found and recorded the below commands for generating certificate using keystore in Tomcat.
Below are the commands used to generate keystore and certificate.
Command to generate keystore :-
keytool -genkey -alias <aliasname> -keyalg RSA -sigalg SHA1withRSA -keysize <Keysize = 1024 or 2048> -keystore <KeystorePathwith.p12 extn> -storepass <storepassword> -ext SAN=URI:<https://<SSO1ofFQDN>,SAN=URI:<https://<SSO2ofFQDN> -storetype PKCS12 -providername JsafeJCE
here storetype & provider name differs based on the Java version present in the system
Export the certificate(.cer) from keystore :-
keytool -export -storepass <changeit > -file <Pathtocertificate>.cer -keystore <pathtokeystore>
Import the certificate in to keystore :-
keytool -importcert -alias <ASSOFQDN> -keystore <conf dirofTomcat> -storepass <changeit> -file <path2certificate> -storetype PKCS12 -providername JsafeJCE
Below are the commands used to generate keystore and certificate.
Command to generate keystore :-
keytool -genkey -alias <aliasname> -keyalg RSA -sigalg SHA1withRSA -keysize <Keysize = 1024 or 2048> -keystore <KeystorePathwith.p12 extn> -storepass <storepassword> -ext SAN=URI:<https://<SSO1ofFQDN>,SAN=URI:<https://<SSO2ofFQDN> -storetype PKCS12 -providername JsafeJCE
here storetype & provider name differs based on the Java version present in the system
Export the certificate(.cer) from keystore :-
keytool -export -storepass <changeit > -file <Pathtocertificate>.cer -keystore <pathtokeystore>
Import the certificate in to keystore :-
keytool -importcert -alias <ASSOFQDN> -keystore <conf dirofTomcat> -storepass <changeit> -file <path2certificate> -storetype PKCS12 -providername JsafeJCE
very useful info
ReplyDelete